Question: did you test dash-addons like dash-uploader, and did you try to add an authentication mechanism?

[sorenwacker]

Hi,
I have tried the django-plotly-dash integration before, but some elements where difficult to get working. For example, the dash-uploader, needed some specific endpoints. And it was not so straigthforward to let the dash app know about the current user regarding authorization. I wonder, do you have experience with these things using fastapi-plotly-dash?

[rusnyder]

Hi @sorenwacker !

First a note: While similarly named, this repo and django-plotly-dash serve different purposes, in that the Django project is an actual library to ease that integration, whereas this is just a sample project demonstrating how one might wire a Dash app into a FastAPI webserver.

With that said, to your specific question of "how to let the dash app know about the current user", I've solved this in a commercial project and it did require some non-trivial hoop jumping:

1. Add session middleware to your FastAPI app and ensure it serializes sessions in a Flask-compatible way
   • Starlette's starlette.middleware.sessions.SessionMiddleware and Flask's flask.sessions.SecureCookieSession are not compatible, so if you create sessions using Starlette, you will be unable to use from flask import session to access the Session
   • To solve this, I just updated FastAPI's session serializer to use the same effective internal calls as Flask's sessions to simplify session access from the Dash app
2. Add auth middleware to the FastAPI app which updates the session with user info
3. From the Dash app, just use from flask import session and access the user info from the session

I'm a little swamped today, but if I have time later this week I'll come back an share an example (or just update this project to contain a few example setups, one of which shows how to wire in shared auth)

[sorenwacker]

That would be amazing. I implemented something like that, using a Flask server for the auth, before, for a scientific application, but looks quite bumpy, and I found some security issues as well.

[rusnyder]

That would be amazing. I implemented something like that, using a Flask server for the auth, before, for a scientific application, but looks quite bumpy, and I found some security issues as well.

It's not terribly bumpy and definitely doable, but it is delicate from a security standpoint (relatively easy to misconfigure, IMO).

I'll keep you posted when I find the spare time 😄

[jorge243]

Hey! Any updates on this?