hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-17 06:52:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Incorporate review feedback

Browse Source
This commit is contained in:
Bruno P. Kinoshita
2020-02-21 10:32:11 +13:00
parent 287b0302d9
commit f5bd5b7751
1 changed files with 12 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docs/source/getting-started/security-basics.rst
View File

@@ -87,12 +87,13 @@ Proxy authentication token
The Hub authenticates its requests to the Proxy using a secret token that
the Hub and Proxy agree upon. The value of this token should be a random
string (for example, generated by ``openssl rand -hex 32``).
string (for example, generated by ``openssl rand -hex 32``). You can store
it in the configuration file or an environment variable
Generating and storing token in the configuration file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Or you can set the value in the configuration file, ``jupyterhub_config.py``:
You can set the value in the configuration file, ``jupyterhub_config.py``:
.. code-block:: python
@@ -191,12 +192,16 @@ Cookies used by JupyterHub authentication
The following cookies are used by the Hub for handling user authentication.
This section was created based on this post_ from Discourse.
.. _post: https://discourse.jupyter.org/t/how-to-force-re-login-for-users/1998/6
jupyterhub-hub-login
~~~~~~~~~~~~~~~~~~~~
This is the login token used when visiting Hub-served pages encrypted such
as the main home, the spawn form, etc. If this cookie is set, then the
user is logged in.
This is the login token used when visiting Hub-served pages that are
protected by authentication such as the main home, the spawn form, etc.
If this cookie is set, then the user is logged in.
Resetting the Hub cookie secret effectively revokes this cookie.
@@ -205,8 +210,8 @@ This cookie is restricted to the path ``/hub/``.
jupyterhub-user-<username>
~~~~~~~~~~~~~~~~~~~~~~~~~~
This is the cookie used for authenticating with a single-user server
encrypted. It is set by the single-user server after OAuth with the Hub.
This is the cookie used for authenticating with a single-user server.
It is set by the single-user server after OAuth with the Hub.
Effectively the same as ``jupyterhub-hub-login``, but for the
single-user server instead of the Hub. It contains an OAuth access token,