Open tomnewg opened 4 years ago
jtpio
commented
4 years ago Thanks @tomnewg.
It sounds like the idea of the prelaunch hook in https://github.com/voila-dashboards/voila/pull/218 could help adding auth: https://github.com/voila-dashboards/voila/pull/218#issuecomment-545084194
mgmarino
commented
4 years ago Hi @tomnewg, I'm not sure if this is the use case you are looking for (i.e. I'm not sure if the distinction of "authentication" vs "authorization" is important to you), but we have solved at least the "authentication" part by running our voila service on AWS ECS and placing it behind an AWS Cognito service that enforces Google OAuth. The server itself is public, but only company logins can access. Now, this doesn't even touch the voila server until the authentication itself succeeds, at which point it does forward information in the request to the voila server, which could in principle be used for fine-grained "authorization".
The PR referenced by @jtpio is definitely a way to go for this "authorization".
For the authentication piece, I'd be happy to try to boil down what we did into some documentation here that might help folks out. For us, this was a critical component of getting buy-in from management to use voila as our live BI-dashboard backend.
tomnewg
commented
4 years ago Hi @mgmarino, thanks for your reply. Ideally, I am looking for both, but yes I am looking firstly for authentication and then authorization. I basically have two use cases.
Your solution sounds like to solve the latter right? Documentation for both cases would be extremely useful as I have seen a lot of people asking for this. I am also happy to help/support you in any way I can. Just hit me up.
illinineverdie
commented
3 years ago @mgmarino I am new to voila, I would like to containerize voila with an ipynb and serve up a URL from it. I am curious how you containerized voila with the notebook\ipynb file to offer up the URL. (may be missing the info in docs somewhere)
Is there a sample project using docker somewhere I can look at?
GregSilverman
commented
3 years ago @mgmarino I too am looking for both. We have a private VM open to the world that will be serving a voila instance behind a Flask app. I noticed that issue #576 had a similar use case to ours (our Flask app is running on a docker-compose cluster with reverse proxying from an nginx server and we will be deploying voila through a Jupyter NB server).
Any pointers would be most appreciated.
mgmarino
commented
3 years ago I think we're at risk of going way off topic here, but I'm not sure where such information would best go? Let me at least give you some more details to our setup. We don't need/use nginx and you might find you could do without it, too. Our services are running on AWS.
Here are some important parts of our Stack, I'm going to use cloudformation resource names:
The ELBV2 basically works out of the box. There's no special configuration for the websockets needed for voila to work, etc. We have some minor issues (e.g. when deploying a new version of the service), but this is out of scope here.
I've also added (a redacted) Cloudformation stack here. I hope that helps.
To the Voila maintainers, I'd be really happy to know where such info could best go. I think it'd be great to lower the bar to have more people using voila in production. In our experience, it is an extremely powerful piece of a great solution for professional, heavily customizable dashboards.
karan-samat
commented
3 years ago Is there any documentation to add authentication by deploying Voila on AWS?
Hi guys,
I am running voila on a public heroku app and would love to put authentication before. I have seen a few threads here on this topic but none of the posts helped me to solve the issue.
Is there any update on this? Any document/post you can hint me to on how to put an auth handler before the notebook is launched.
Many thanks
Tom