Datasette plugin that authenticates users against GitHub
Project description
datasette-auth-github
Datasette plugin that authenticates users against GitHub.
This requires datasette master - it uses unreleased plugin hooks.
Setup instructions
- Install the plugin -
pip install datasette-auth-github
- Create a GitHub OAuth app: https://github.com/settings/applications/new
- Set the Authorization callback URL to
http://127.0.0.1:8001/-/auth-callback
- Create a
metadata.json
file with the following structure:
{
"title": "datasette-auth-github demo",
"plugins": {
"datasette-auth-github": {
"client_id": {"$env": "GITHUB_CLIENT_ID"},
"client_secret": {"$env": "GITHUB_CLIENT_SECRET"}
}
}
}
Now you can start Datasette like this, passing in the secrets as environment variables:
$ GITHUB_CLIENT_ID=XXX GITHUB_CLIENT_SECRET=YYY datasette \
fixtures.db -m metadata.json
Note that hard-coding secrets in metadata.json
is a bad idea as they will be visible to anyone who can navigate to /-/metadata
. Instead, we use a new mechanism for adding secret plugin configuration options.
By default, the plugin will redirect signed-out users directly to GitHub.
If you would rather they saw a "You are logged out" screen with a button first, you can change this behaviour by adding the "disable_auto_login" setting to your configuration:
{
"plugins": {
"datasette-auth-github": {
"client_id": "...",
"client_secret": "...",
"disable_auto_login": true
}
}
}
Restricting access to specific users
By default the plugin will allow any GitHub user to log in. You can restrict allowed users to a specific list using the allow_users
configuration option:
{
"plugins": {
"datasette-auth-github": {
"client_id": "...",
"client_secret": "...",
"allow_users": ["simonw"]
}
}
}
You can list one or more GitHub usernames here.
Restricting access to specific GitHub organizations
You can also restrict access to users who are members of a specific GitHub organization:
{
"plugins": {
"datasette-auth-github": {
"client_id": "...",
"client_secret": "...",
"allow_orgs": ["datasette-project"]
}
}
}
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for datasette_auth_github-0.3-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | f5469a98c9b57cdd0c0b85084558c65cfdababbf12ce9fdaf038ac1d92616cd5 |
|
MD5 | 4147868f655efade5ff45af02c783881 |
|
BLAKE2b-256 | 369d25cc3e9677feb69d3cc365c9bb0de926f8ef7661ad0bd133621fbd7d1204 |