Incubator-superset: Redirect After Login to intent url

Created on 10 Oct 2016 · 7Comments · Source: apache/incubator-superset

When You try to access a dashboard and you are not logged in already.
The system will pass you to the login page. (that's ok) but later after login, the system does not redirect you to the dashboard that you tried to access at the first, the system will just redirect you to the welcome screen.

The same happens for iframes.

.ux request inactive

Source

alvarojoao

👍5

Most helpful comment

Implemented a workaround with Superset + Nginx using cookies.

Here is a sample nginx config,
`server {
listen 80;
server_name localhost;

location / {
    add_header Set-Cookie "intended=$uri$is_args$args;Path=/login;Max-Age=120";
    proxy_buffers 16 4k;
    proxy_buffer_size 2k;
    proxy_pass http://127.0.0.1:8000;
}

In superset_config.py,

`from flask import abort, request, redirect, session as web_session
from flask_appbuilder.baseviews import expose
from flask_appbuilder.security.manager import AuthRemoteUserView, AUTH_REMOTE_USER
from superset.security import SupersetSecurityManager
from flask_login import login_user

class CustomAuthRemoteUserView(AuthRemoteUserView):

@expose('/login/')
def login(self):
    if web_session and '_flashes' in web_session:
        web_session.pop('_flashes')

    sm = self.appbuilder.sm
    session = sm.get_session

    # Login user handler
    user = session.query(sm.user_model).filter_by(username=YOUR_USERNAME).first()
    login_user(user)

    intended = request.cookies.get('intended');
    return redirect(intended)

class CustomSecurityManager(SupersetSecurityManager):
authremoteuserview = CustomAuthRemoteUserView

AUTH_TYPE = AUTH_REMOTE_USER
CUSTOM_SECURITY_MANAGER = CustomSecurityManager`

Esthove on 7 Jun 2018

👍4

All 7 comments

Looks like a limitation with flask-application-builder (or the way we are using it). We need to pass explicitly the next url we want to be redirected after login

xrmx on 10 Oct 2016

Notice: this issue has been closed because it has been inactive for 559 days. Feel free to comment and request for this issue to be reopened.

mistercrunch on 23 Apr 2018

Any chance to get it reopened? It's quite basic scenario.

Especially useful when someone passes URL, other person opens and needs to login to view it

DaimonPl on 23 Apr 2018

👍1

Implemented a workaround with Superset + Nginx using cookies.

Here is a sample nginx config,
`server {
listen 80;
server_name localhost;

location / {
    add_header Set-Cookie "intended=$uri$is_args$args;Path=/login;Max-Age=120";
    proxy_buffers 16 4k;
    proxy_buffer_size 2k;
    proxy_pass http://127.0.0.1:8000;
}

In superset_config.py,

class CustomAuthRemoteUserView(AuthRemoteUserView):

@expose('/login/')
def login(self):
    if web_session and '_flashes' in web_session:
        web_session.pop('_flashes')

    sm = self.appbuilder.sm
    session = sm.get_session

    # Login user handler
    user = session.query(sm.user_model).filter_by(username=YOUR_USERNAME).first()
    login_user(user)

    intended = request.cookies.get('intended');
    return redirect(intended)

class CustomSecurityManager(SupersetSecurityManager):
authremoteuserview = CustomAuthRemoteUserView

AUTH_TYPE = AUTH_REMOTE_USER
CUSTOM_SECURITY_MANAGER = CustomSecurityManager`

Esthove on 7 Jun 2018

👍4

Hi @Esthove, im new with superset. Can i know this issue can just changes on superset_config.py?
Because currently give me error, NameError: name 'YOUR_USERNAME' is not defined. im not sure on this part.
user = session.query(sm.user_model).filter_by(username=YOUR_USERNAME).first()

Thanks for the help.

dragscorp88 on 26 Oct 2018

Do we have a fix for this? Can anyone provide more details?

shanthkt on 13 Feb 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. For admin, please label this issue .pinned to prevent stale bot from closing the issue.