
Only allow certain users to see Admin panel #5370

Closed
mayonnaisecolouredbenz7 opened this issue Aug 5, 2023 · 3 comments · Fixed by #5447
Labels
type: enhancement Minor feature or improvement to an existing feature
Milestone

Comments

@mayonnaisecolouredbenz7
Contributor

Is your feature request related to a problem? Please describe.

I have a user-facing app, with Okta as my OAuth provider. The admin panel is very useful, but I would like only the devs to be able to access it. As it stands, anyone can accidentally stumble into the /admin endpoint.

Describe the solution you'd like

I may be well off the mark here, but my initial thought would be: could the admin panel be a pane, perhaps? Then the logic of the code could hide it or show it based on the user info from the authentication provider.

Describe alternatives you've considered

The only alternative I have is to use the debugger inside the app and have that available to only certain users. But I would love all the other features of the admin panel as well.

Additional context

This was just a rough thought. If this is not even possible I am happy to be told so. I do plan to build my own metrics and the like in the future. But I like the functionality of the admin panel as is.

@MarcSkovMadsen MarcSkovMadsen added the type: enhancement Minor feature or improvement to an existing feature label Aug 9, 2023
@MarcSkovMadsen MarcSkovMadsen added this to the Wishlist milestone Aug 9, 2023
@MarcSkovMadsen
Collaborator

+1

@ndmlny-qs
Contributor

There was a recent PR #5386 that merged user-based path authentication. I see a way to use this feature with a new command line argument that was suggested by @MarcSkovMadsen here #3179 (comment) for giving the admin page a different name.

I propose adding a new command line argument e.g. --admin-page=<random-string> that can be used along with the --admin command line flag when serving a panel app. Having a new flag maintains backwards compatibility for apps that use only the --admin flag and have no need to use the new feature. The only caveat here is that the <random-string> will need to be in the user's paths that are authenticated to view it.

@ndmlny-qs
Contributor

I have a work-in-progress (#5447) that adds a new command line flag named --admin-panel-name, which is a key/value parameter. If this is supplied along with the --admin flag, then the admin page will be served at the value given for --admin-panel-name. Using the code from this comment #3179 (comment) and modifying the auth.py file as shown in the code section below results in the following when using the new command:

panel serve app1.py app2.py \
--basic-auth credentials.json \
--cookie-secret my_super_safe_cookie_secret \
--admin \
--admin-panel-name="/zort-troz"

The videos below show that both the admin and the user still have access to the newly named admin panel. The data flow I'm observing is that the admin panel is created in the Serve class in panel/command/serve.py, which does not have access to the same config object that defines authentication behavior from the get method in the DocHandler class.

I will move any comments/updates to that PR in the future.

admin admin-page access using the new --admin-page-name="/zort-troz" cli flag

admin-admin-page-rename-access.webm

user admin-page access using the new --admin-page-name="/zort-troz" cli flag

user-admin-page-rename-access.webm

code

# auth.py
from typing import Any
from urllib import parse as urlparse

# Per-user allowlist of application paths. The renamed admin panel path
# must be listed explicitly for every user who should be able to view it.
authorized_user_paths = {
    "admin": ["/app1", "/app2", "/zort-troz"],
    "user": ["/app1"],
}

def check_user_authorization(user_info: dict[str, Any], request_path: str) -> bool:
    current_user = user_info["user"]
    if current_user in authorized_user_paths:
        # Compare only the path component, ignoring any query string.
        path = urlparse.urlparse(request_path).path
        if path in authorized_user_paths[current_user]:
            return True
    return False

@philippjfr philippjfr modified the milestones: Wishlist, v1.3.0 Sep 18, 2023