Spaces:
Running
on
CPU Upgrade
Running
on
CPU Upgrade
Tadashi
commited on
fix: login in new tab
Browse files- Dockerfile +1 -0
- sso_app_demo.py +118 -0
Dockerfile
CHANGED
@@ -12,6 +12,7 @@ RUN --mount=type=ssh chown -R user:user /app
|
|
12 |
RUN --mount=type=ssh chown -R user:user /usr/local/lib/python3.10
|
13 |
USER user
|
14 |
|
|
|
15 |
COPY data.zip /app
|
16 |
RUN --mount=type=secret,id=KH_DEMO_MODE,mode=0444 \
|
17 |
if [ -f "/run/secrets/KH_DEMO_MODE" ] && [ "$(cat /run/secrets/KH_DEMO_MODE)" = "true" ]; then \
|
|
|
12 |
RUN --mount=type=ssh chown -R user:user /usr/local/lib/python3.10
|
13 |
USER user
|
14 |
|
15 |
+
COPY sso_app_demo.py /app
|
16 |
COPY data.zip /app
|
17 |
RUN --mount=type=secret,id=KH_DEMO_MODE,mode=0444 \
|
18 |
if [ -f "/run/secrets/KH_DEMO_MODE" ] && [ "$(cat /run/secrets/KH_DEMO_MODE)" = "true" ]; then \
|
sso_app_demo.py
ADDED
@@ -0,0 +1,118 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
import os
|
2 |
+
|
3 |
+
import gradio as gr
|
4 |
+
from authlib.integrations.starlette_client import OAuth, OAuthError
|
5 |
+
from decouple import config
|
6 |
+
from fastapi import FastAPI, Request
|
7 |
+
from fastapi.responses import FileResponse
|
8 |
+
from ktem.assets import KotaemonTheme
|
9 |
+
from starlette.config import Config
|
10 |
+
from starlette.middleware.sessions import SessionMiddleware
|
11 |
+
from starlette.responses import RedirectResponse
|
12 |
+
from theflow.settings import settings as flowsettings
|
13 |
+
|
14 |
+
KH_DEMO_MODE = getattr(flowsettings, "KH_DEMO_MODE", False)
|
15 |
+
KH_APP_DATA_DIR = getattr(flowsettings, "KH_APP_DATA_DIR", ".")
|
16 |
+
GRADIO_TEMP_DIR = os.getenv("GRADIO_TEMP_DIR", None)
|
17 |
+
# override GRADIO_TEMP_DIR if it's not set
|
18 |
+
if GRADIO_TEMP_DIR is None:
|
19 |
+
GRADIO_TEMP_DIR = os.path.join(KH_APP_DATA_DIR, "gradio_tmp")
|
20 |
+
os.environ["GRADIO_TEMP_DIR"] = GRADIO_TEMP_DIR
|
21 |
+
|
22 |
+
|
23 |
+
GOOGLE_CLIENT_ID = config("GOOGLE_CLIENT_ID", default="")
|
24 |
+
GOOGLE_CLIENT_SECRET = config("GOOGLE_CLIENT_SECRET", default="")
|
25 |
+
SECRET_KEY = config("SECRET_KEY", default="default-secret-key")
|
26 |
+
|
27 |
+
|
28 |
+
def add_session_middleware(app):
|
29 |
+
config_data = {
|
30 |
+
"GOOGLE_CLIENT_ID": GOOGLE_CLIENT_ID,
|
31 |
+
"GOOGLE_CLIENT_SECRET": GOOGLE_CLIENT_SECRET,
|
32 |
+
}
|
33 |
+
starlette_config = Config(environ=config_data)
|
34 |
+
oauth = OAuth(starlette_config)
|
35 |
+
oauth.register(
|
36 |
+
name="google",
|
37 |
+
server_metadata_url=(
|
38 |
+
"https://accounts.google.com/" ".well-known/openid-configuration"
|
39 |
+
),
|
40 |
+
client_kwargs={"scope": "openid email profile"},
|
41 |
+
)
|
42 |
+
|
43 |
+
app.add_middleware(SessionMiddleware, secret_key=SECRET_KEY)
|
44 |
+
return oauth
|
45 |
+
|
46 |
+
|
47 |
+
from ktem.main import App # noqa
|
48 |
+
|
49 |
+
gradio_app = App()
|
50 |
+
main_demo = gradio_app.make()
|
51 |
+
|
52 |
+
app = FastAPI()
|
53 |
+
oauth = add_session_middleware(app)
|
54 |
+
|
55 |
+
|
56 |
+
@app.get("/")
|
57 |
+
def public(request: Request):
|
58 |
+
root_url = gr.route_utils.get_root_url(request, "/", None)
|
59 |
+
return RedirectResponse(url=f"{root_url}/app/")
|
60 |
+
|
61 |
+
|
62 |
+
@app.get("/favicon.ico", include_in_schema=False)
|
63 |
+
async def favicon():
|
64 |
+
return FileResponse(gradio_app._favicon)
|
65 |
+
|
66 |
+
|
67 |
+
@app.route("/logout")
|
68 |
+
async def logout(request: Request):
|
69 |
+
request.session.pop("user", None)
|
70 |
+
return RedirectResponse(url="/")
|
71 |
+
|
72 |
+
|
73 |
+
@app.route("/login")
|
74 |
+
async def login(request: Request):
|
75 |
+
root_url = gr.route_utils.get_root_url(request, "/login", None)
|
76 |
+
redirect_uri = f"{root_url}/auth"
|
77 |
+
return await oauth.google.authorize_redirect(request, redirect_uri)
|
78 |
+
|
79 |
+
|
80 |
+
@app.route("/auth")
|
81 |
+
async def auth(request: Request):
|
82 |
+
try:
|
83 |
+
access_token = await oauth.google.authorize_access_token(request)
|
84 |
+
except OAuthError:
|
85 |
+
return RedirectResponse(url="/")
|
86 |
+
request.session["user"] = dict(access_token)["userinfo"]
|
87 |
+
return RedirectResponse(url="/")
|
88 |
+
|
89 |
+
|
90 |
+
with gr.Blocks(
|
91 |
+
theme=KotaemonTheme(),
|
92 |
+
css=gradio_app._css,
|
93 |
+
) as login_demo:
|
94 |
+
with gr.Column(elem_id="login-row"):
|
95 |
+
gr.Markdown("<h1 style='text-align:center;'>Welcome to Kotaemon</h1>")
|
96 |
+
btn_login = gr.Button(
|
97 |
+
"Login with Google",
|
98 |
+
variant="primary",
|
99 |
+
elem_id="google-login",
|
100 |
+
)
|
101 |
+
_js_redirect = """
|
102 |
+
() => {
|
103 |
+
url = '/login' + window.location.search;
|
104 |
+
window.open(url, '_blank');
|
105 |
+
}
|
106 |
+
"""
|
107 |
+
btn_login.click(None, js=_js_redirect)
|
108 |
+
|
109 |
+
app = gr.mount_gradio_app(app, login_demo, path="/login-app")
|
110 |
+
app = gr.mount_gradio_app(
|
111 |
+
app,
|
112 |
+
main_demo,
|
113 |
+
path="/app",
|
114 |
+
allowed_paths=[
|
115 |
+
"libs/ktem/ktem/assets",
|
116 |
+
GRADIO_TEMP_DIR,
|
117 |
+
],
|
118 |
+
)
|