Managing Shiny-Server authentication with Django

Photo by Halacious on Unsplash

Deploying web applications in R with shiny

The Shiny Server Open source is the only application that is made free for the community (shinyapps.io has a free plan, but is limited in number of applications and in hours of usage, while RStudio connect is affordable to medium/large organizations), however its features are limited compared to the commercial products made by RStudio: for example the community edition lacks of the authentication features implemented in the other RStudio products, and this is a key feature I need in order to share some projects with a limited number of users.

Adding an authentication layer to Shiny Server Community Edition

This guide has inspired me to do something similar (I had a good experience with Django in another project) and I want to create a more structured project in which I could enhance the solution proposed in the pawamoy guide. So, instead of writing about how the Django authentication works with shiny (I think that pawamoy explains those details better than me, I suggest you to read his guide), I want to explain how I added more features in my Django-Shiny authentication project.

Enhancing the Shiny — Django authentication layer

  1. Structure the project with docker-compose
  2. Ensure authentication per application
  3. Direct access to the shiny application (without the django container but with authentication)
  4. Customize the layout

1. Structuring the project with docker-compose

By sharing volumes between container, I could set a NgINX container as the frontend application (which forwards request to the backend and can serve static content itself). Shiny and Django containers (with the database) are part of the backend and are linked to the NgINX container since they are not accessible from the outside. By defining an .env configuration file, I could define passwords and runtime specific variables required by the application (like the django SECRET_KEY) which can’t be tracked in GitHub. Image are pre-builded and loaded into Docker Hub in order to save time with CI tests and for a faster installation on production environment. Here is an extract of docker-compose.yml file:

shiny-server docker-compose example

2. Ensuring authentication per application

shiny-server django models.py

This allows to add a new application using the default django-admin application (however the shiny application code need to be placed manually in the project folder, for the moment. I plan to add a custom django FormView in order to upload code using the admin). The location field in this case will also be part of the final URL which will be served by the Shiny Server docker-compose application:

add a new shiny application using django-admin

By customizing the django views.py, I could customize how applications could be displayed: a public application is available to everyone, even anonymous users; superuser can always display the applications while logged user can see applications only if they own them. In the following example, by inheriting the UserPassesTestMixin from django-auth modules, a generic View can be displayed only if a custom test_func(self) method returns True:

shiny-server django views

3. Direct access to the shiny application

shiny-server: direct access to shiny applications using django

The previous code works together with the following NgINX configuration block: every direct access to shiny application need to be tested using django. Moreover, anonymous users are redirected to login and then towards the requested application URL, while not authorized users got a 403 (access denied) page:

shiny-server: nginx.conf

4. Customize the layout

Conclusion

If you want to learn more, the full application is available in GitHub:

While a more user-oriented guide on how to install the whole application and add a shiny application can be found in the GitHub — Wiki of the project:

If you liked this article, feel free to make a comment or make a clap. See you for another amazing-super complicated guide!

Bioinformatician, Researcher, Developer