Closed mbklein closed 2 months ago
The identity check is orthogonal to Livebook auth layer. You can disable the token auth with LIVEBOOK_TOKEN_ENABLED=false
:)
The reason it doesn't show up with mix phx.server
is because you are running dev. If you set MIX_ENV=prod
it should match the behaviour.
Yeah, to clarify, the identity provider authenticates everything! the auth is for the "admin" area :)
There's more info about that in the docs: https://hexdocs.pm/livebook/authentication.html
Environment
Elixir 1.17.2 (compiled with Erlang/OTP 26)
git rev-parse HEAD
if running with mix): v0.13.0 and aboveCurrent behavior
Create the file
custom_livebook_auth.exs
:Note that the Authentication Required token prompt comes up. If you paste in the correct token (which you can copy from the Docker log), you can tell that the custom auth succeeded – the username Livebook User is displayed in the sidebar.
Expected behavior
Successful custom auth should bypass token auth. If you repeat the steps above with the
ghcr.io/livebook-dev/livebook:0.12.1
Docker image, you will see the correct behavior.Oddly, I have not been able to reproduce the issue outside of Docker. For example, if you go to the Livebook working directory and run the following, you'll get the expected behavior. The issue only shows up in Livebook ~> 0.13.0 running in Docker.