-
Notifications
You must be signed in to change notification settings - Fork 357
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: logins return Sessions #8883
Conversation
✅ Deploy Preview for determined-ui ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #8883 +/- ##
==========================================
+ Coverage 47.74% 47.75% +0.01%
==========================================
Files 1161 1161
Lines 143093 143070 -23
Branches 2372 2370 -2
==========================================
+ Hits 68318 68330 +12
+ Misses 74622 74587 -35
Partials 153 153
Flags with carried forward coverage won't be shown. Click here to find out more.
|
9dc6474
to
3da73c1
Compare
3da73c1
to
ba344f7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My name is @rb-determined-ai, and I approve of this change.
But also, what if UnauthSession
had login
and login_with_cache
on it? That might be a more natural way to configure the retries.
Or it might be making the relationship between objects too complicated (that is how I felt, because I did consider that at some point).
But I wanted to voice it in case you hadn't thought of it and you loved the idea.
In code, class UnauthSession(BaseSession):
def login(self, user, password) -> Session:
...
def login_with_cache(self, user, password) -> Session:
...
sess = api.UnauthSession(master, cert).login(user, password) I like it. I don't know if I prefer it on the whole (makes creating a new session a little more awkward), but I do think it's a better abstraction to have implemented. FWIW, I think adding an optional |
I mean, I think you would put |
i had originally thought login methods returning a session would be a great abstraction. the more i look at it/think about it, the less sure i am. i think you're right that a parameter like i don't know how feasible this is, so take this however seriously you want. it's probably not worth the effort as i don't see it providing much value, and i think what you have is fine. just my $0.02. |
Oh... Yeah. That's better. |
Unlike ``login``, this function may not send a login request to the master. It will instead | ||
first attempt to find a valid token in the TokenStore, and only if that fails will it post a | ||
login request to the master to generate a new one. As with ``login``, the token is then baked | ||
into a new api.Session object to sign future communication with master. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
quotes api.Session
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed. Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
I do like this idea. A lot. But I'm not sure how much more I like it than what's implemented, and keeping in mind ROI I don't think it's worth working out. |
@@ -75,8 +75,7 @@ def main(): | |||
notebook_server = f"https://127.0.0.1:{port}/proxy/{notebook_id}" | |||
master_url = api.canonicalize_master_url(os.environ["DET_MASTER"]) | |||
cert = certs.default_load(master_url) | |||
utp = authentication.login_with_cache(info.master_url, cert=cert) | |||
sess = api.Session(master_url, utp, cert) | |||
sess = authentication.login_with_cache(master_url, cert=cert) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unrelated to the change; this looks like a bugfix. info
had not been in scope.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Decided to not implement a regression test. This doesn't seem like functionality we care much about.
5320a7a
to
db781d5
Compare
import json as _json | ||
from typing import Any, Dict, Optional, Tuple, Union | ||
from typing import Any, Dict, Optional, Tuple, TypeVar, Union | ||
|
||
import requests | ||
import urllib3 | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this will also need to be updated
utp = authentication.login("http://127.0.0.1:8080", "admin", "", cert) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed. I hadn't known that **/*.py
glob skipped hidden directories. Thanks for catching this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving CI changes on behalf of infra
055c190
to
9bab34b
Compare
Used to return an intermediate `UsernameTokenPair` that itself was used for sessions. This class has been removed. Also contains new `BaseSession.with_retry` to modify retries (by creating new sessions).
Also includes a bugfix in `check_idle.py`, I think, where master wasn't being propagated.
9bab34b
to
f6251f0
Compare
Logins used to return an intermediate UsernameTokenPair that itself was used to create Sessions. We did it this way because the job of login is to find/create a valid token. But because login itself is a user-facing command, and tokens are an implementation detail most people don't care about, this patch updates the login API to just return a Session (the thing most users cared about in the first place). If a user really wants to get a token, they can always access the token in the Session. Additionally as a part of this patch, the UsernameTokenPair class has been removed -- it was kind of an in-between abstraction to make it easier for callers of login to create sessions. This change also contains new BaseSession.with_retry to modify retries (by creating new sessions). We needed some mechanism for users to set retry to something other than the default, and passing retry into login would have been a weird interface (what does the retry of the eventual session have to do with logging in?).
Logins used to return an intermediate
UsernameTokenPair
that itself was used to create Sessions. We did it this way because the job oflogin
is to find/create a valid token. But becauselogin
itself is a user-facing command, and tokens are an implementation detail most people don't care about, this patch updates the login API to just return a Session (the thing most users cared about in the first place).If a user really wants to get a token, they can always access the token in the Session.
Additionally as a part of this patch, the
UsernameTokenPair
class has been removed -- it was kind of an in-between abstraction to make it easier for callers of login to create sessions.This change also contains new
BaseSession.with_retry
to modify retries (by creating new sessions). We needed some mechanism for users to set retry to something other than the default, and passing retry into login would have been a weird interface (what does the retry of the eventual session have to do with logging in?).MD-283
Description
Test Plan
Commentary (optional)
Checklist
docs/release-notes/
.See Release Note for details.
Ticket