I want to be able to track which server a user wants to be directed to. I want to have a servername be linked to a team, so it will get populated with the team’s PV. For this, we are creating a custom authenticator, so that we can check for the specific team’s permission when users log in, only allowing them in if they have received the correct entitlement.
When a user goes to a link which looks like .com/hub/login/{username}/{teamname}, I need to be able to grab the teamname to find which entitlement to check for, but it seems to get lost somewhere throughout the redirects. I have a custom OAuthLoginHandler and a custom OAuthCallbackHandler. Is there some way to easily get the teamname from the authenticator?
I’ve tried a few different options such as next_url = handler.get_next_url() and self.get_query_argument(“servername”, default=“”) but both do not give the servername, as it appears that there are some redirects happening for authentication before these functions get called.
class TestAuthenticator(DummyAuthenticator):
def pre_spawn_start(self, user, spawner):
groupnames = [g.name for g in spawner.user.groups]
self.log.info(f"user={user.name} groups={groupnames} server={spawner.name}")
if spawner.name not in groupnames:
raise web.HTTPError(403, "Not allowed")
Thank you! This also will work, I like this for the authentication of users to teams.
However, from the authenticate function, my issue is that the named server that I want to spawn gets lost during redirects. It will start off at .com/hub/spawn/{username}/{teamname}, but on the first call to my auth provider, the redirect URI is statically set to .com/hub/oauth_callback
In the OAuthLoginHandler, I think I need to be able to dynamically set the redirect URI so it will redirect back to /hub/spawn/{username}/{teamname}. And to do this, I need access ot the teamname from OAuthLoginHandler. Is there some good way of doing this, or is this overcomplicating things / there’s a better way to do this?
In general, I want to be able to direct a user straight into their team’s named server after authenticating
The original URL should be passed using the ?next= query parameter, so it should eventually send you back to the URL you were at before your started the authentication process:
Can you open your browser’s network console, and share the list of URLs/redirects?
Thank you for the help, was able to get it working. I just needed to make sure the servername was in the ?next= and then could parse it out using self.get_argument(“next”)