GitHub user gabriel-korbato added a comment to the discussion: How to customize
authentication in version 6
@dosu I experimented a lot with variants of your suggestion, but there are
still issues and behavior I don't understand. Generally I get a stack trace
that ends in the following:
```
File "/opt/superset/venv/lib/python3.12/site-packages/superset/views/auth.py",
line 40, in login
if g.user is not None and g.user.is_authenticated:
^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: 'bool' object has no attribute 'is_authenticated'
```
I got it to work by adding a line that logs the value of `g.user` or
`g.user.is_authenticated` after calling `self.add_user()`. If I comment out
this line, I get a 500 error and the stack trace above, but if I include the
logging statement, it cycles through what seem like many requests over several
seconds, and eventually it works. For clarity, this is how my code looks now:
```
class CustomSecurityManager(SupersetSecurityManager):
def request_loader(self, request):
# get auth variables from environment, as set by middleware
username = request.environ.get("REMOTE_USER")
first_name = request.environ.get("FIRST_NAME")
last_name = request.environ.get("LAST_NAME")
roles = request.environ.get("ROLES")
# verify that the username is set
if not username:
log.info("No REMOTE_USER in environment.")
return None
user = self.find_user(username=username)
if not user:
log.info(f"Adding new user: {username} for request {request}")
user = self.add_user(
username=username,
first_name=first_name,
last_name=last_name,
email=username,
role=self.find_role("Gamma")
)
log.info(f"{g.user.is_authenticated}") # without this line, it does
not work
else:
# Update user if necessary
return user
```
The calls you suggested earlier to `self.session.commit()` don't appear to be
necessary, and I think this is because the session is committed from within the
code for `add_user`.
Why is the `request_loader` method being hit many times for a single web
request? The high number of cycles takes a few seconds of computation time,
making it seem unresponsive for a few seconds.
Why is it that in the handling of most of those requests, the call to
`self.add_user()` seems ineffective, in that if I follow with a call to
`self.find_user()` it returns `None`, but eventually after many cycles the user
is added and it returns a user object?
What is it about logging the value of `g.user` or `g.user.is_authenticated`
that makes this work?
GitHub link:
https://github.com/apache/superset/discussions/38199#discussioncomment-15904696
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
