Superset单点登录调整源码
///修改config.py?
from flask_appbuilder.security.manager import AUTH_REMOTE_USER
AUTH_TYPE=AUTH_REMOTE_USER
from custom_sso_security_manager import CustomSsoSecurityManager
CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
AUTH_USER_REGISTRATION = True ? #允許用戶注冊
AUTH_USER_REGISTRATION_ROLE = "Gamma" ?#設置默認添加用戶角色
/superset根目錄添加custom_sso_security_manager.py
from superset.security import SupersetSecurityManager
import logging
from flask_appbuilder.security.views import AuthRemoteUserView, expose
from flask_appbuilder.const import LOGMSG_WAR_SEC_LOGIN_FAILED
from flask import request,g, redirect
from flask_login import login_user, logout_user
import requests
import json
logger = logging.getLogger(__name__)
CAS_LOGIN_SERVER_URL = 'http://xxxxx/api/login/casLogin'
CAS_CHECK_SERVER_URL = 'http://xxxxx/api/login/currentUser'
CAS_LOGINOUT_SERVER_URL = 'http://xxxxx/api/login/out'
class MyAuthRemoteUserView(AuthRemoteUserView):
? ? # this front-end template should be put under the folder `superset/templates/appbuilder/general/security`
? ? # so that superset could find this templates to render
? ? login_template = 'appbuilder/general/security/login_my.html'
? ? title = "My Login"
? ? # this method is going to overwrite?
? ? # https://github.com/dpgaspar/Flask-AppBuilder/blob/master/flask_appbuilder/security/views.py#L556
? ? @expose('/login/', methods=['GET', 'POST'])
? ? def login(self):
? ? ? ? print("My special login...")
? ? ? ? if not g.user or not g.user.get_id():
? ? ? ? ? ? return redirect(CAS_LOGIN_SERVER_URL+"?redirect="+request.host_url+"logincas")
? ? ? ? print("loginSSO")
? ? ? ? print(request.host_url)
? ? @expose('/logincas/', methods=['GET', 'POST'])
? ? def logincas(self):
? ? ? ? token=request.args.get('token')
? ? ? ? print("logincas"+token)
? ? ? ? manager=self.appbuilder.sm
? ? ? ? result = requests.get(CAS_CHECK_SERVER_URL + '?token=' + token)
? ? ? ? userCAS = json.loads(result.content)
? ? ? ? username=userCAS["loginName"]
? ? ? ? user = manager.find_user(username=username)
? ? ? ? print(user)
? ? ? ? # User does not exist, create one if auto user registration.
? ? ? ? if user is None and manager.auth_user_registration:
? ? ? ? ? ? user = manager.add_user(
? ? ? ? ? ? # All we have is REMOTE_USER, so we set
? ? ? ? ? ? # the other fields to blank.
? ? ? ? ? ? ? ? username=username,
? ? ? ? ? ? ? ? first_name=username.split('@')[0],
? ? ? ? ? ? ? ? last_name='-',
? ? ? ? ? ? ? ? email=username,
? ? ? ? ? ? ? ? role=manager.find_role(manager.auth_user_registration_role))
? ? ? ? # If user does not exist on the DB and not auto user registration,
? ? ? ? # or user is inactive, go away.
? ? ? ? elif user is None or (not user.is_active):
? ? ? ? ? ? logger.info(LOGMSG_WAR_SEC_LOGIN_FAILED.format(username))
? ? ? ? ? ? return None
? ? ? ? ? ??
? ? ? ? manager.update_user_auth_stat(user)
? ? ? ? print(user)
? ? ? ? login_user(user, remember=False)
? ? ? ? return redirect(self.appbuilder.get_url_for_index)
? ? @expose("/logout/")
? ? def logout(self):
? ? ? ? logout_user()
? ? ? ? print("loginout")
? ? ? ? return redirect(CAS_LOGINOUT_SERVER_URL+'?redirect='+request.host_url)
? ? ? ?
class CustomSsoSecurityManager(SupersetSecurityManager):
? ? authremoteuserview=MyAuthRemoteUserView
? ??
Gamma角色添加權限
默認Gamma角色不能訪問庫,需設置角色,添加all database access on all_database_access權限(全部數據庫)。
總結
以上是生活随笔為你收集整理的Superset单点登录调整源码的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: js操作indexedDB增删改查示例
- 下一篇: 离线网页地图开发-详细开发过程