Skip to content

Commit

Permalink
add server auth docs
Browse files Browse the repository at this point in the history
  • Loading branch information
chrispyles committed Feb 19, 2024
1 parent 64db0ff commit 591cbd8
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
# nbforms

[![Run tests](https://github.com/chrispyles/nbforms/actions/workflows/run-tests.yml/badge.svg)](https://github.com/chrispyles/nbforms/actions/workflows/run-tests.yml)
[![codecov](https://codecov.io/github/chrispyles/nbforms/graph/badge.svg?token=GK2LAP9034)](https://codecov.io/github/chrispyles/nbforms)
[![Documentation Status](https://readthedocs.org/projects/nbforms/badge/?version=latest)](https://nbforms.readthedocs.io/en/latest/?badge=latest)
[![Binder](https://mybinder.org/badge_logo.svg)](https://mybinder.org/v2/gh/chrispyles/nbforms/master?filepath=demo%2Fdemo.ipynb)

Expand Down
4 changes: 3 additions & 1 deletion docs/install_deploy.md
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,9 @@ Note that the process described above involves running a **development** server

## Authentication

<!-- TODO: NBFORMS_SERVER_NO_AUTH_REQUIRED -->
By default, any time a user authenticates with a username that is not present in the database, a new user is created with the password they provided. If the user already exists, the provided password is verified and, if correct, they are provided with an API key. To prevent malicious users from stealing other users' usernames before they log in for the first time, you can seed the database (more on this [below](#seeding-data)).

It is also possible to run the server such that each session is treated as a different user (requiring no authentication). To enable this, set an environment variable `NBFORMS_SERVER_NO_AUTH_REQUIRED="true"` in the environment running the server and set `auth` to `none` in your nbforms config (more details [here](./notebook_usage)). In this mode, every time a `Form` is instantiated, it will receive an API key that corresponds to a **new** user in the database; this means that if a user runs the cell creating a `Form` more than once, each run will create a `Form` instance attached to a different user.

## Managing the Server

Expand Down

0 comments on commit 591cbd8

Please sign in to comment.