I implemented very rudimentary simple HTTP authentication for Prodigy and wanted to share it with anyone who’s interested. I know this isn’t secure but it’s the best I could do with my minimal web skills. It would be great to have something like Jupyter’s token-based authentication some day.
At line 43 of app.py, add this:
    authentication = hug.authentication.basic(hug.authentication.verify('annotator1', 'mypassword'))

    @hug.static('/', requires=authentication)
    def serve_static():
        # NB! This currently serves whole drive! Does nothing to prevent '../'
        return (str(Path(__file__).parent / 'static'),)
Sorry, I feel like I am missing something. How would you apply this to the specific Prodigy web app instance? Or are you suggesting modifying the Prodigy source code?
Yes, Prodigy ships with the source for its app.py, so you can easily adapt it or see how it works and write a similar wrapper using Hug or a different library.
Since this thread was started, @andy has actually developed a super cool open-source extension for Prodigy that implements a multi-user setup plus various other features. You can find it here:
I applied @andy’s cool hug authentication but it doesn’t work.
I get this "Oops, something went wrong :(" error after entering the credentials.
What I noticed in Chrome’s developer tools is that the call to /project fails with HTTP 401 with the following error message: {"errors":{"Invalid Authentication":"Provided api_jwt credentials were invalid"}}
I was having authentication issues using ngrok. I suppose the basic authentication header used by ngrok conflicts with the JWT validation. I applied your suggested change and it works fine, thanks.
I ended up creating an HTTPS proxy with basic authentication using nginx. Works great after this change!
The option of enabling basic authentication using hug is not a valid option for us as it only protects / and leaves the API calls publicly accessible.
Thanks for the help @justindujardin!
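The gap raised above (authentication on `/` only, with API calls such as `/project` left open) closes when the check sits in front of the whole application instead of on one route. The following is an added example, not code from Prodigy or from anyone in this thread: a standard-library WSGI middleware that requires HTTP Basic credentials on every path. It assumes the app is available as a WSGI callable; `BasicAuthEverywhere`, `credentials_ok`, `basic_header`, `status_for` and `demo_app` are hypothetical names, and the credentials are the sample ones from the snippet at the top of the thread.

```python
import base64
import hmac

# Sample credentials from the snippet in this thread; load real ones from the environment.
USERS = {"annotator1": "mypassword"}

def basic_header(user, password):
    # Build the Authorization header value a client would send.
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def credentials_ok(header, users):
    """Return True only for a well-formed Basic header naming a known user."""
    scheme, _, encoded = (header or "").partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        decoded = base64.b64decode(encoded.strip(), validate=True).decode("utf-8")
    except ValueError:  # malformed base64 or invalid UTF-8
        return False
    user, sep, password = decoded.partition(":")
    expected = users.get(user)
    # Constant-time comparison, performed for unknown users as well.
    match = hmac.compare_digest(password.encode(), (expected or "").encode())
    return bool(sep) and expected is not None and match

class BasicAuthEverywhere:
    """WSGI middleware: every path is checked, static files and API routes alike."""
    def __init__(self, app, users, realm="annotation"):
        self.app, self.users, self.realm = app, users, realm

    def __call__(self, environ, start_response):
        if credentials_ok(environ.get("HTTP_AUTHORIZATION"), self.users):
            return self.app(environ, start_response)
        start_response("401 Unauthorized", [
            ("WWW-Authenticate", f'Basic realm="{self.realm}"'),
            ("Content-Length", "0")])
        return [b""]

def demo_app(environ, start_response):
    """Constructed stand-in for the wrapped application; it echoes the path."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [environ["PATH_INFO"].encode()]

def status_for(app, path, authorization=None):
    """Send one constructed GET request through `app` and return its status line."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path}
    if authorization:
        environ["HTTP_AUTHORIZATION"] = authorization
    seen = []
    list(app(environ, lambda status, headers: seen.append(status)))
    return seen[0]
```

Basic credentials are only base64-encoded, so this belongs behind TLS, as with the HTTPS proxy mentioned above.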