✊🏿 Black Lives Matter. Please consider donating to Black Girls Code today.
🐇 Announcing Dash VTK for 3d simulation graphics. Check out the March webinar.

Flask-user and dash?

Hi,

I’m building a flask-app that really needs different user access-levels assigned to roles. This works very well with flask-user https://flask-user.readthedocs.io/en/latest/

Only trouble is dash integration. As I can’t use decorators in dash as with flask-user there seem to be only three options:

  • use of iframes making the role model for users useless,
  • using a different library to render graphs - something I’d really like to avoid

Any ideas? And password behind password with using https://dash.plot.ly/authentication doesn’t seem like a great idea.

Best regards,
Wonko.

1 Like

My multi-page callback, that based on location picks right layout and places it in children of html.Div(id='page') first checks if user is authenticated, if not, it returns login layout by default.

What I am doing is keep a dict of something like:

pages_dict = {
    'index': {'url'='/', 'layout'=pages.index.layout},
    'view1': {'url'='/view1', 'layout'=pages.view_one.layout}
}

and match pathname of location to url, if it matches pick layout. You could also set URL’s as dictionary keys as I am not doing it for different reasons.

The callback is then:

@app.callback(
    Output('page', 'children'),
    [Input('location', 'pathname')])
def display_content(pathname: str):
    if pathname is None:
        return html.Div()
    if current_user.is_authenticated:
        matched = [c for c in pages.keys()
                   if re.fullmatch(pages[c]['url'], pathname)]
        if matched:
            page_content = pages[matched[0]]['layout']
        else:
            page_content = [
                html.H1("Not found"),
                html.P("Requested URL '{}' was not found".format(pathname))
            ]
        content = html.Div(page_content)
    else:
        content = pages['login']['layout']
    return content

You can check if user is authenticated and has required role for selected url. Allowed roles could be kept in the dict as a list.

1 Like

Thanks a lot for this. I will try… looks very interesting!