datasette-ui-extras

Configuration

Authentication, authorization and auditing

Authentication

We rely on Datasette's built-in "actor" mechanism for authentication.

By default, every user is unauthenticated. You can change that by installing a plugin that provides an authentication framework.

The most popular such plugin is datasette-auth-github. This plugin permits people to sign in with their GitHub account. You can then distinguish users based on their GitHub user ID, org membership and team membership.

You can learn more about actors here.

Authorization

We rely on Datasette's built-in "permission" mechanism for authorization.

You can customize the behaviour by authoring a permission_allowed hook.

You can learn more about the default permissions here.

Auditing

We use Datasette's Write API to make changes to your database. The Write API does not have an auditing feature.

If you'd like to track who is making what changes to your system, you can use SQLite's TRIGGER feature combined with the datasette-current-actor plugin.

For example, you might make a trigger that records the value of current_actor_ip() and current_actor('gh_id') to know the IP address and GitHub user ID of the person changing the row.

Previous
Publish to the web
Next
Command-line tools