Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jupyter-server v2 generates new user for each request when auth is disabled #1033

Closed
davidbrochart opened this issue Oct 17, 2022 · 3 comments · Fixed by #1076
Closed

jupyter-server v2 generates new user for each request when auth is disabled #1033

davidbrochart opened this issue Oct 17, 2022 · 3 comments · Fixed by #1076
Labels
bug

Comments

@davidbrochart
Copy link
Contributor

Description

With jupyter_server==2.0.0rc3, launching the server with no authentication:

jupyter lab --ServerApp.token='' --ServerApp.password=''

creates a bunch of messages in the console (maybe one for each request):

[I 2022-10-17 15:38:58.918 ServerApp] Generating new user for token-authenticated request: 705352af6e224d44b191366eab6f3a8b
  1. pip install jupyterlab
  2. pip install jupyter-server==2.0.0rc3
  3. jupyter lab --ServerApp.token='' --ServerApp.password=''
  4. See messages as described above.
@davidbrochart davidbrochart mentioned this issue Nov 17, 2022
Closed
@davidbrochart
Copy link
Contributor Author

davidbrochart commented Nov 17, 2022
edited
Loading

This causes JupyterLab to be given a different user name periodically through GET /api/me, see jupyterlab/jupyterlab#13432.

@Zsailer
Copy link
Member

Zsailer commented Nov 17, 2022

cc @minrk

@blink1073 blink1073 mentioned this issue Nov 17, 2022
Closed
9 tasks
@minrk minrk changed the title jupyter-server v2 assumes token authentication jupyter-server v2 generates new user for each request when auth is disabled Nov 18, 2022
@minrk minrk mentioned this issue Nov 18, 2022
Merged
@minrk
Copy link
Contributor

minrk commented Nov 18, 2022

I think this stems from the fact that when auth is disabled we avoid setting the login cookie, which is how we persist the anonymous user info. I see two options:

  1. set the login cookie when auth is disabled, or
  2. continue without cookies, but force a single user object server-side so all requests get the same user model, rather than generating new ones each time

#1076 implements option 1

@daeh daeh mentioned this issue Mar 26, 2023
Open
@rmoff rmoff mentioned this issue May 18, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

persist userid cookie when auth is disabled minrk/jupyter_server
3 participants
@minrk @Zsailer @davidbrochart