JupyterHub Authenticator that lets users set passwords when they first log in
Go to file
Leticia Portella 49a080f9e8 change styling on template reset.html 2018-09-26 18:45:47 -03:00
firstuseauthenticator change styling on template reset.html 2018-09-26 18:45:47 -03:00
.gitignore Initial commit 2016-10-24 20:32:14 -07:00
.pylintrc Initial commit 2016-10-24 20:32:14 -07:00
LICENSE Initial commit 2016-10-24 20:32:14 -07:00
README.md FAQ+Security advice 2018-08-27 18:37:20 -07:00
setup.py add template locally 2018-09-25 19:19:04 -03:00


JupyterHub First Use Authenticator

A JupyterHub authenticator that helps new users set their password on their first login to JupyterHub.

Are you running a workshop from a single physical location, such as a university seminar or a user group?

JupyterHub First Use Authenticator can simplify the user set up for you. It's very useful when using transient JupyterHub instances in a single physical location. It allows multiple users to log in, but you do not have install a pre-existing authentication setup. With this authenticator, users can just pick a username and password and get to work!


You can install this authenticator with:

pip install jupyterhub-firstuseauthenticator

Once installed, configure JupyterHub to use it by adding the following to your jupyterhub_config.py file:

c.JupyterHub.authenticator_class = 'firstuseauthenticator.FirstUseAuthenticator'



Path to the dbm file, or a UNIX database file such as passwords.dbm, used to store usernames and passwords. The dbm file should be put where regular users do not have read/write access to it.

This authenticator's default setting for the path to the passwords.dbm is the current directory from which JupyterHub is spawned.


Create users if they do not exist already.

When set to False, users would have to be explicitly created before they can log in. Users can be created via the admin panel or by setting whitelist / admin list.

Defaults to True.


Why have a password DB and not use PAM ?

For security Reasons. Users are likely to set an, insecure password at login time, and you do not want a brute-force/dictionary attack to manage to login by attacking via ssh or another mean.


When using FirstUseAuthenticator it is advised to automatically prepend the name of the user with a known-prefix (for example jupyter). This would prevent for example, someone to log-in as root, as the created user would be jupyter-root.