Kranthi32 opened a new issue, #32869:
URL: https://github.com/apache/superset/issues/32869

   ### Bug description
   
   After the charts and datasets are called, the api/v1/chart/data API returns a 
403 Forbidden error. Immediately afterwards, the main application on port 8088 shows 
"access denied" and logs out, and the embedded React application gets the 403 error. Why? Please help me with this.
   
   
![Image](https://github.com/user-attachments/assets/6a879dc9-8294-4724-98c4-2fbab91983c9)
   
   
   
   
   
   This is my Superset config.py:
   
   
   import logging
   import os
   
   from celery.schedules import crontab
   from flask_caching.backends.filesystemcache import FileSystemCache
   
   # Root logger; used at the end of this file to report which override config was loaded.
   logger = logging.getLogger()
   
   # Metadata-database connection parts, read from the environment with no default:
   # an unset variable yields None, which the f-strings below render as the text "None".
   DATABASE_DIALECT = os.getenv("DATABASE_DIALECT")
   DATABASE_USER = os.getenv("DATABASE_USER")
   DATABASE_PASSWORD = os.getenv("DATABASE_PASSWORD")
   DATABASE_HOST = os.getenv("DATABASE_HOST")
   DATABASE_PORT = os.getenv("DATABASE_PORT")
   DATABASE_DB = os.getenv("DATABASE_DB")
   
   # Connection parts for the examples database, read the same way.
   EXAMPLES_USER = os.getenv("EXAMPLES_USER")
   EXAMPLES_PASSWORD = os.getenv("EXAMPLES_PASSWORD")
   EXAMPLES_HOST = os.getenv("EXAMPLES_HOST")
   EXAMPLES_PORT = os.getenv("EXAMPLES_PORT")
   EXAMPLES_DB = os.getenv("EXAMPLES_DB")
   
   # The SQLAlchemy connection string.
   # The assembled value contains the database password, so keep it out of logs and error pages.
   # NOTE(review): user and password are interpolated as-is; a password containing
   # URL-reserved characters such as '@' or '/' would need percent-encoding first.
   SQLALCHEMY_DATABASE_URI = (
       f"{DATABASE_DIALECT}://"
       f"{DATABASE_USER}:{DATABASE_PASSWORD}@"
       f"{DATABASE_HOST}:{DATABASE_PORT}/{DATABASE_DB}"
   )
   
   # Same shape for the examples database; it reuses DATABASE_DIALECT.
   SQLALCHEMY_EXAMPLES_URI = (
       f"{DATABASE_DIALECT}://"
       f"{EXAMPLES_USER}:{EXAMPLES_PASSWORD}@"
       f"{EXAMPLES_HOST}:{EXAMPLES_PORT}/{EXAMPLES_DB}"
   )
   
   # Redis location and logical database numbers; the defaults apply when a variable is unset.
   # NOTE(review): no Redis password or TLS appears in the settings built from these
   # values - presumably Redis is reachable only on a private network; confirm.
   REDIS_HOST = os.getenv("REDIS_HOST", "redis")
   REDIS_PORT = os.getenv("REDIS_PORT", "6379")
   REDIS_CELERY_DB = os.getenv("REDIS_CELERY_DB", "0")
   REDIS_RESULTS_DB = os.getenv("REDIS_RESULTS_DB", "1")
   
   # Results backend: a filesystem cache rooted at this path.
   RESULTS_BACKEND = FileSystemCache("/app/superset_home/sqllab")
   
   # Redis-backed cache with a 300-second default timeout, keyed under "superset_"
   # and stored in REDIS_RESULTS_DB.
   CACHE_CONFIG = {
       "CACHE_TYPE": "RedisCache",
       "CACHE_DEFAULT_TIMEOUT": 300,
       "CACHE_KEY_PREFIX": "superset_",
       "CACHE_REDIS_HOST": REDIS_HOST,
       "CACHE_REDIS_PORT": REDIS_PORT,
       "CACHE_REDIS_DB": REDIS_RESULTS_DB,
   }
   # Same dict object, not a copy: both cache settings share one configuration.
   DATA_CACHE_CONFIG = CACHE_CONFIG
   
   
   class CeleryConfig:
       """Celery settings: Redis broker and result backend plus the periodic schedule."""

       # Broker queue lives in the Redis database numbered REDIS_CELERY_DB.
       # NOTE(review): the URL carries no credentials; confirm Redis is not reachable
       # from untrusted networks.
       broker_url = f"redis://{REDIS_HOST}:{REDIS_PORT}/{REDIS_CELERY_DB}"
       # Modules listed for the worker to import.
       imports = (
           "superset.sql_lab",
           "superset.tasks.scheduler",
           "superset.tasks.thumbnails",
           "superset.tasks.cache",
       )
       # Task results go to the Redis database numbered REDIS_RESULTS_DB, the same
       # database number the cache configuration uses.
       result_backend = f"redis://{REDIS_HOST}:{REDIS_PORT}/{REDIS_RESULTS_DB}"
       worker_prefetch_multiplier = 1
       task_acks_late = False
       # Periodic tasks: the report scheduler runs every minute, log pruning daily at 00:10.
       beat_schedule = {
           "reports.scheduler": {
               "task": "reports.scheduler",
               "schedule": crontab(minute="*", hour="*"),
           },
           "reports.prune_log": {
               "task": "reports.prune_log",
               "schedule": crontab(minute=10, hour=0),
           },
       }
   
   
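   # The class itself (not an instance) is assigned as the Celery configuration.
   CELERY_CONFIG = CeleryConfig
   
   # EMBEDDED_SUPERSET is the flag the embedded-dashboard setup in this report depends on.
   FEATURE_FLAGS = {
       "ALERT_REPORTS": True,
       "EMBEDDED_SUPERSET": True,
       "ALLOW_DATA_QUERY_GET": True,
   }
   ALERT_REPORTS_NOTIFICATION_DRY_RUN = True
   # When using docker compose baseurl should be http://superset_app:8088/
   WEBDRIVER_BASEURL = "http://superset:8088/"
   # The base URL for the email report hyperlinks.
   WEBDRIVER_BASEURL_USER_FRIENDLY = WEBDRIVER_BASEURL
   SQLLAB_CTAS_NO_LIMIT = True
   # NOTE(review): this switches off Flask-WTF CSRF protection for the whole application.
   # Together with the credentialed CORS settings later in this config, a page on any
   # allowed origin can send state-changing requests that carry the user's session.
   # Prefer leaving CSRF on and exempting only the endpoints the embedding flow needs.
   WTF_CSRF_ENABLED = False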
   
   
   My React application:
   
   
   "use client"; 
   
   import React, { useEffect } from "react";
   import axios from "axios";
   import { embedDashboard } from "@superset-ui/embedded-sdk";
   
   // Superset origin the browser talks to directly; plain HTTP, so tokens and
   // credentials sent to it are not protected in transit outside localhost.
   const supersetUrl = "http://localhost:8088";;
   // Base path of the security endpoints (login and guest_token are called below).
   const supersetApiUrl = `${supersetUrl}/api/v1/security`;
   // Identifier passed both to the guest-token request and to embedDashboard.
   const dashboardId = "af70a229-7d8e-4917-8ce3-795ca257fa85"; 
   
   /**
    * Page component that, once on mount, logs in to Superset from the browser,
    * requests a guest token for one dashboard, and embeds that dashboard into
    * the #superset-container element.
    *
    * NOTE(review): every step here runs in client code, so the account
    * credentials, the access token and the row-level-security clause are all
    * visible to and controllable by whoever loads the page. The usual design is
    * for a backend to hold the credentials, mint the guest token, and hand only
    * that token to the browser.
    */
   const DashboardPage = () => {
     useEffect(() => {
       async function getToken() {
         try {
           /*** Step 1: Log in with a Superset account ***/
           // NOTE(review): these credentials are shipped in the JavaScript bundle;
           // any visitor can read them and log in to Superset as this account.
           const loginBody = {
             password: "C@res0ft",
             provider: "db",
             refresh: true,
             username: "sracharts",
           };
           // withCredentials allows the browser to store and send Superset cookies
           // on this cross-origin call.
           // NOTE(review): presumably a session cookie set by this login replaces any
           // Superset session already open in the same browser on localhost:8088,
           // which could relate to the reported logout - confirm.
           const { data } = await axios.post(
             `${supersetApiUrl}/login`,
             loginBody,
             { headers: { "Content-Type": "application/json" },  
withCredentials: true, }
           );
           const accessToken = data.access_token;
           // NOTE(review): writes a bearer token to the browser console; remove outside debugging.
           console.log("Access Token:", accessToken);
   
           /*** Step 2: Fetch Guest Token ***/
           // NOTE(review): the rls clause is chosen here in client code. Since the
           // login above is reproducible by any visitor, so is this request with a
           // different customer_id; the clause must be set server-side from the
           // authenticated user's identity.
           const guestTokenBody = JSON.stringify({
             resources: [{ type: "dashboard", id: dashboardId }],
             rls: [{"clause": "customer_id=4"}],
             user: { username: "sracharts", first_name: "Sra", last_name: 
"Application" },
           });
   
           const guestTokenResponse = await axios.post(
             `${supersetApiUrl}/guest_token/`,
             guestTokenBody,
             { headers: { "Content-Type": "application/json", Authorization: 
`Bearer ${accessToken}` },  withCredentials: true, }
           );
           const guestToken = guestTokenResponse.data.token;
           // NOTE(review): same as above - the guest token is logged to the console.
           console.log("Guest Token:", guestToken);
   
           /*** Step 3: Embed Dashboard ***/
           const mountPoint = document.getElementById("superset-container");
           if (!mountPoint) {
             console.error("Error: mountPoint is null.");
             return;
           }
   
           console.log('mount points')
   
           // fetchGuestToken returns the one token obtained above on every call.
           // NOTE(review): if the SDK calls it again to refresh, it receives the same
           // value, which would be rejected once expired - confirm and refetch instead.
           embedDashboard({
             id: dashboardId,
             supersetDomain: supersetUrl,
             mountPoint,
             fetchGuestToken: () => guestToken,
             dashboardUiConfig: {
               filters: { expanded: true },
               urlParams: { standalone: 3 },
             },
             
           });
   
           /*** Step 4: Adjust Iframe Styles ***/
           // After a fixed one-second delay, resize the first iframe found in the document.
           setTimeout(() => {
             const iframe = document.querySelector("iframe");
           
             if (iframe) {
               iframe.style.width = "100%";
               iframe.style.minHeight = "100vh";
             }
           }, 1000);
         } catch (error) {
           // Any failure in login, guest-token fetch or embedding lands here and is only logged.
           console.error("Error fetching token:", error);
         }
       }
   
       getToken();
     }, []);
   
     return (
       <div>
         <h2 className="text-lg font-bold mb-4">Embedded Superset Dashboard</h2>
         <div id="superset-container" className="border p-4"></div>
       </div>
     );
   };
   
   export default DashboardPage;
   
   
   
   
   
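   # Cross-origin access for the embedding application.
   # NOTE(review): ALLOW_CORS is not a setting I can confirm Superset reads; verify it is needed.
   ENABLE_CORS = True
   ALLOW_CORS = True
   # With supports_credentials on, every origin listed here may send cookie-bearing
   # requests and read the responses, and "resources": ["*"] applies that to every
   # route. Keep the list to the exact origins that embed dashboards.
   CORS_OPTIONS = {
       "supports_credentials": True,
       "allow_headers": ["*"],
       "resources": ["*"],
       # replace the port-number as per your application.
       # NOTE(review): browsers send the Origin header without a trailing slash, so the
       # entries ending in "/" presumably never match - confirm and drop them.
       "origins": [
           "http://localhost:3000",
           "http://localhost:8088",
           "http://localhost:8888",
           "http://localhost:3000/",
           "http://10.100.170.9:3000/",
       ],
   }
   # NOTE(review): ALLOWALL is not a value the X-Frame-Options header defines, so in
   # practice no framing restriction applies and any site can frame Superset
   # (clickjacking exposure). Restricting framing to the embedding origin is the
   # narrower option.
   OVERRIDE_HTTP_HEADERS = {'X-Frame-Options': 'ALLOWALL'}
   # NOTE(review): turns off Flask-Talisman, and with it the Content-Security-Policy
   # and related security headers it would set.
   TALISMAN_ENABLED = False
   
   
   # Role whose permissions guest-token (embedded) users receive.
   # NOTE(review): confirm this role grants only what an embedded viewer needs.
   GUEST_ROLE_NAME = "Gamma"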
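   #
   # Optionally import superset_config_docker.py (which will have been included on
   # the PYTHONPATH) in order to allow for local settings to be overridden
   #
   # The star import runs last, so any name defined in that module replaces the
   # value set earlier in this file, security-related settings included; review
   # the override module together with this one.
   try:
       import superset_config_docker
       from superset_config_docker import *  # noqa
   
       logger.info(
           f"Loaded your Docker configuration at " f"[{superset_config_docker.__file__}]"
       )
   except ImportError:
       # A missing override module is expected; the settings above stay in effect.
       logger.info("Using default Docker config...")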
   
   
   ### Screenshots/recordings
   
   _No response_
   
   ### Superset version
   
   master / latest-dev
   
   ### Python version
   
   3.9
   
   ### Node version
   
   16
   
   ### Browser
   
   Chrome
   
   ### Additional context
   
   _No response_
   
   ### Checklist
   
   - [ ] I have searched Superset docs and Slack and didn't find a solution to 
my problem.
   - [ ] I have searched the GitHub issue tracker and didn't find a similar bug 
report.
   - [ ] I have checked Superset's logs for errors and if I found a relevant 
Python stacktrace, I included it here as text in the "additional context" 
section.

