You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed that when attaching to a FastAPI instance using ui.run_with one has to use the same secret like the FastAPI SessionMiddleware - otherwise the session data is not persistence across page reloads. This seems to be problematic in two ways:
Setting a storage_secret seems to be redundant as it is already set in the middleware.
Setting another secret does not result in an error but instead results in non-persistent sessions.
Debugging, took me a while, so I would recommend to improve the feedback if the user tries to set another password and/or to improve the web examples for attaching to an existing FastAPI instance (e.g. show the example how to attach to an app with a installed middleware).
When writing the MRCE I also noticed, that initializing NiceGUI will break all endpoints defined later in the code via FastAPI. I don't know if this is problematic, but it seems weird. You may have a look at this.
MRCE:
File 1: main.py
importuvicornfromfastapiimportFastAPI, Requestfromng_pageimportstoragefromniceguiimportuifromstarlette.middleware.sessionsimportSessionMiddleware# /test1 : http://localhost:8080/test1# /test2 : http://localhost:8080/test2# /testR : http://localhost:8080/testR# /storage : http://localhost:8080/storageapp=FastAPI()
refresh_count=0@app.get("/testR")deftR(request: Request):
globalrefresh_countrequest.session['refresh_count'] =refresh_countrefresh_count+=1returnf"refresh to increase counter: {refresh_count}"@app.get("/test1")deft1():
return"test1"case=3ifcase==0: # ----- No key set -----pass# /test1 is accessible# /test2 is accessible# /testR gives an error (because the SessionMiddleware is not installed)# /storage is not accessible (because nicegui is not running)ifcase==1: # ----- Setting a key only for the fastapi app -----app.add_middleware(SessionMiddleware, secret_key='themagickey')
# /test1 is accessible# /test2 is accessible# /testR is accessible and the session is working# /storage is not accessible (because nicegui is not running)ifcase==2: # ----- Setting a key only for the storage -----ui.run_with(app, storage_secret='aregularkey')
# /test1 is accessible# /test2 is not accessible (initializing nicegui breraks any later defined access points in the fastapi app)# /testR gives an error (because the SessionMiddleware is not installed)# /storage is accessible and the storage is workingifcase==3: # ----- Setting key for the fastapi app but not for NiceGUIapp.add_middleware(SessionMiddleware, secret_key='themagickey')
ui.run_with(app)
# /test1 is accessible# /test2 is accessible# /testR is accessible and the session is working# /storage gives hint to set the storage_secretifcase==4: # ----- Setting different keys for the app and the storage -----app.add_middleware(SessionMiddleware, secret_key='themagickey')
ui.run_with(app, storage_secret='aregularkey')
# /test1 is accessible# /test2 is not accessible (see case 2)# /testR is accessible and the session is working# /storage is accessible but the storage is not workingifcase==5: # ----- Setting the same key for both the app and the storage -----app.add_middleware(SessionMiddleware, secret_key='themagickey')
ui.run_with(app, storage_secret='themagickey')
# /test1 is accessible# /test2 is not accessible (see case 2)# /testR is accessible and the session is working# /storage is accessible and the storage is working@app.get("/test2")deft2():
return"test2"if__name__=="__main__":
uvicorn.run("main:app", host="0.0.0.0", port=8080, lifespan='on', use_colors=True, reload=True,)
I've been having similar issues. I haven't figured it out yet, but so far: I need to add TLS to server (i.e. https using Let's Encrypt). I can't find any documentation under NiceGui on hosting a https site which is required these days so I have been trying to run nicegui under FastAPI using ui.run_with. It breaks when I try to add AuthMiddleware to core.api. As an aside: there are two api's one for fastapi and one for core in ui. In addition, middleware can be added to either fastapi or ui (or both?). I can't find documentation dealing with this and it's somewhat confusing and/or convoluted to follow what is going on. Irrespective, when adding AuthMiddleware, dispatch of BaseHTTPMiddleware needs to be replaced. This calls:
right at the beginning which calls (from the storage module):
@propertydefbrowser(self) ->Union[ReadOnlyDict, Dict]:
"""Small storage that is saved directly within the user's browser (encrypted cookie). The data is shared between all browser tabs and can only be modified before the initial request has been submitted. Therefore it is normally better to use `app.storage.user` instead, which can be modified anytime, reduces overall payload, improves security and has larger storage capacity. """request: Optional[Request] =request_contextvar.get()
ifrequestisNone:
ifself._is_in_auto_index_context():
raiseRuntimeError('app.storage.browser can only be used with page builder functions ''(https://nicegui.io/documentation/page)')
raiseRuntimeError('app.storage.browser needs a storage_secret passed in ui.run()')
ifrequest.state.responded:
returnReadOnlyDict(
request.session,
'the response to the browser has already been built, so modifications cannot be sent back anymore'
)
returnrequest.session
This breaks in the very first line as request is None (it shouldn't be None). request_contextvar is declared at the beginning of storage.py:
and it shouldn't be None. In the nicegui authentication example, which uses run(), not run_with(), it is not None at the same location. So far, I can't figure out why it is None when run_with() is used. I tried checking if it might be a different thread, but so far it doesn't seem to be. Still working on it, but getting close to giving up on nicegui because of the difficult getting TLS working (it's alway a pain), but it seems starlette-admin might have it working? I'd prefer to stay with nicegui, but I am running out of time trying to get TLS without documentation or even an example? Any suggestions are appreciated as I'm running out of hair!
Description
I noticed that when attaching to a FastAPI instance using
ui.run_with
one has to use the same secret like the FastAPI SessionMiddleware - otherwise the session data is not persistence across page reloads. This seems to be problematic in two ways:Debugging, took me a while, so I would recommend to improve the feedback if the user tries to set another password and/or to improve the web examples for attaching to an existing FastAPI instance (e.g. show the example how to attach to an app with a installed middleware).
When writing the MRCE I also noticed, that initializing NiceGUI will break all endpoints defined later in the code via FastAPI. I don't know if this is problematic, but it seems weird. You may have a look at this.
MRCE:
File 1: main.py
File 2: ng_page.py
Expected/ideal behavior:
The text was updated successfully, but these errors were encountered: