taipy.auth.Authenticator
User Authentication.
Available in Taipy Enterprise only
This class exists only in the Enterprise edition of Taipy.
An Authenticator uses a protocol to validate a username and password combination.
The supported protocols are:
- "LDAP": The authenticator can connect to an LDAP server and requests
the authentication of a given username and password pair.
User roles are retrieved from the LDAP groups assigned to the user. - "Taipy": An internal protocol designed for testing purposes. Configuration allows to specify a password and a set of roles for every user name.
- "None": Provides no authentication. Authentication is assumed to succeed no matter what username and password are provided. User roles are set to an empty set.
Default Authenticator
The first authenticator created by the application (either explicitly or
when login()
is called for the first time) is stored as a special authenticator,
known as the default authenticator.
This authenticator is used in every subsequent calls to login()
.
__init__(protocol, secret_key=None, auth_session_duration=3600, **kwargs)
¶
Initialize a new Authenticator.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
protocol |
str
|
The name of the protocol to use ("ldap", "taipy" or "none"). |
required |
secret_key |
Optional[str]
|
A secret string used to internally encrypt the credentials' information. The default value is set at run-time to a random text string. |
None
|
auth_session_duration |
int
|
How long, in seconds, are credentials valid after their creation. The default value is 3600, corresponding to an hour. |
3600
|
**kwargs |
Dict
|
Additional arguments that depend on the indicated protocol.
|
{}
|
get_default()
staticmethod
¶
Returns the default Authenticator.
If there is no default Authenticator
, one is created:
-
If Taipy Core is installed (the
taipy.core
package), then this function looks in the Global Configuration for properties that might define a default authenticator. Specifically, if the Config.global_config.auth_protocol property is set, then it indicates what kind of authenticator ("none", "taipy" or "ldap") should be created as the default authenticator. It corresponds to the protocol argument of theAuthenticator
constructor
Other global configuration properties can be set to further configure the default authenticator as we can see in the documentation for the constructor forAuthenticator
. -
If the main Python script sits next to a
taipy_auth_<protocol>.json
file, anAuthenticator
for this protocol is created.
Supported protocols are "none", "ldap" and "taipy". The documentation for theAuthenticator
class provides more information.
This file should contain the JSON representation of the config dictionary parameter of theAuthenticator
constructor. - If no such file exists, a None Authenticator is created.
This new authenticator is then set as the default authenticator.
login(username, password)
¶
Log a user in.
This function uses this authenticator's protocol to try to authenticate the user with the provided password.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
username |
str
|
The name of the user to authenticate. |
required |
password |
str
|
The password to use to authenticate the user. |
required |
Returns:
Name | Type | Description |
---|---|---|
Credentials |
Credentials
|
On success, a valid |
Raises:
Type | Description |
---|---|
InvalidCredentials
|
If the user and password do not match. |