GitHub user dosubot[bot] added a comment to the discussion: I want to use OAuth2 for login and access the enterprise WeChat login authentication simultaneously. When accessing from enterprise WeChat, it should default to using the enterprise WeChat's OAuth2 authentication. Additionally, it should support direct login with account and password, allowing users to enter their account and password directly in the browser for login. How should I configure this?
<!-- Answer --> I found a similar unsolved discussion on implementing both OAuth2 authentication and traditional username/password login simultaneously in Apache Superset <sup>[[1]](https://github.com/apache/superset/discussions/32472)</sup>. To achieve your requirements, you can configure multiple authentication methods in Apache Superset by implementing a custom security manager. Here's a general approach: 1. **Custom Security Manager**: Create a custom security manager in your `superset_config_docker.py` file to handle different authentication methods. 2. **Custom Authentication View**: Implement a custom authentication view to handle OAuth2 and traditional login. You can use the `AuthDBView` class to customize the login behavior. 3. **Detect Access Source**: Implement logic to detect if the access is from enterprise WeChat and default to using its OAuth2 authentication. This might involve checking request headers or parameters specific to enterprise WeChat. 4. **Direct Login Support**: Ensure that the standard login form is available for users to enter their username and password directly. Here's a basic example of how you might start implementing this: ```python from flask import redirect, request from superset.security import SupersetSecurityManager from flask_login import login_user from flask_appbuilder.security.views import AuthDBView from flask_appbuilder.security.views import expose class CustomAuthDBView(AuthDBView): @expose('/login/', methods=['GET', 'POST']) def login(self): # Detect if the request is from enterprise WeChat if 'enterprise_wechat' in request.headers: # Handle enterprise WeChat OAuth2 login # Implement your OAuth2 logic here pass else: # Handle traditional username/password login return super(CustomAuthDBView, self).login() class CustomSecurityManager(SupersetSecurityManager): authdbview = CustomAuthDBView def __init__(self, appbuilder): super(CustomSecurityManager, self).__init__(appbuilder) CUSTOM_SECURITY_MANAGER = CustomSecurityManager ``` This example provides a starting point, and you'll need to implement the specific logic for handling enterprise WeChat OAuth2 authentication. Additionally, you may need to configure the `DATABASE_OAUTH2_CLIENTS` dictionary to include your OAuth2 client details for enterprise WeChat <sup>[[2]](https://github.com/apache/superset/discussions/32038)</sup>. <!-- Dosu Comment Footer --> *To continue talking to [Dosu](https://dosu.dev), mention @dosu.* --- <sup>Help Dosu learn! Give it feedback: [Great Response](https://app.dosu.dev/response-feedback/cb0cba0d-b8cf-449f-ab12-4fc274e4a0dc?feedback_type=great_response) | [Irrelevant Answer](https://app.dosu.dev/response-feedback/cb0cba0d-b8cf-449f-ab12-4fc274e4a0dc?feedback_type=irrelevant_answer) | [Incorrect Sources](https://app.dosu.dev/response-feedback/cb0cba0d-b8cf-449f-ab12-4fc274e4a0dc?feedback_type=incorrect_sources) | [Too Verbose](https://app.dosu.dev/response-feedback/cb0cba0d-b8cf-449f-ab12-4fc274e4a0dc?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/cb0cba0d-b8cf-449f-ab12-4fc274e4a0dc?feedback_type=hallucination) | [Bug Report](https://app.dosu.dev/response-feedback/cb0cba0d-b8cf-449f-ab12-4fc274e4a0dc?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/cb0cba0d-b8cf-449f-ab12-4fc274e4a0dc?feedback_type=other)</sup> GitHub link: https://github.com/apache/superset/discussions/32809#discussioncomment-12591353 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
