can we use our own authentication-authorisation-session-handling mechanism instead of the one provided in extension.

[ravindra-joshi]

Scenario: A fully developed flask application would always have their own authentication, authorisation and user session handling mechanism. Ideally we should be allowed to use our own mechanism when we use flask-monitoringdashboard so that we have the same login and logout mechanism ; It would also help us in maintaining user sessions; and end user (our clients) would not see two different login screens in the same application. Question # 1: Is it possible to use our authentication functionality instead of the one provided?

We are planning to integrate this extension at source-code level in to our application as we will use it heavily. The best way would be to put this code along side our code base and monkey path only the required authentication and session-handling functions. Is this possible ? Question # 2 : We tried out monkey patching only the required functionalities, but that is not working. Could you suggest a better way of integrating this extension at source code level?

[FlyingBird95]

Hi ravindra-joshi,

Thanks for your issue. Your proposed scenario is indeed a scenario that applies to multiple users of the FMD. Below are our answers:

• Q1: Is it possible to use our authentication functionality instead of the one provided? A1: Currently this is not supported. The authentication is done in the following function: https://github.com/flask-dashboard/Flask-MonitoringDashboard/blob/4961030dc3eb4a805a06c75276248fef15a0b580/flask_monitoringdashboard/core/auth.py#L6

However, what you can do is fork the repository and overwrite this function with:

from functools import wraps

def admin_secure(func):
    @wraps(func)
    def wrapper(*args, **kwargs):
        return func(*args, **kwargs)

But now, you've disabled the security. So everyone that goes to localhost:5000/dashboard/overview can visit the dashboard. which is not what you want. Of course, you can change admin_secure to anything you want, and implement your already-existing authentication in this function (btw don't forget about the secure-function).

• Q2: As Q1 suggests, it is possible to fork the repository and modify this function. However, this is not ideal, since you'll have two versions of the dashboard, and as soon as a new dashboard version is released, you have to manually update the forked repository.

I've also noticed that many flask developers uses Flask-Admin to do their authentication. I think that this would be the perfect solution since it provides the functionality that you want (maybe you're already using this package).

However, currently we don't have the manpower to implement this package in our dashboard. Therefore, if you want this functionality, you'll have to implement it yourself. Feel free to fork the repository, and send a PR to our development branch. After this is accepted, we'll publish a new version for you!

Thanks again for your interesting idea.

Regards,

Patrick

[ericsouza]

Hey, is anything new about this topic? I'm trying to integrate this awesome extension with flask-admin. I was looking for a way to use the Flask-BasicAuth as my authentication for both Flask-Admin and FMD.

[mircealungu]

Hi @ericsouza ! nice to hear that you think the FMD is awesome :) Unfortunately, as @FlyingBird95 explained: we don't have the manpower to add alternative login mechanisms at the moment. Would you be able to do that and send a PR? We'd be happy to talk about it and help you along.