Skip to content

[core] Support token based auth in ray dashboard UI #58368

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

[core] Support token based auth in ray dashboard UI #58368

wants to merge 4 commits into from
+826 −10

Conversation

@sampan-s-nayak
Copy link
Contributor

Description:

when token auth is enabled, the dashboard prompts the user to enter the valid auth token and caches it (as a browser cookie). when token based auth is disabled, existing behaviour is retained.

all dashboard ui based rpc's to to the ray cluster set the authorization header in their requests

Screenshots

token popup
image

on entering an invalid token
image

@sampan-s-nayak sampan-s-nayak requested a review from a team as a code owner November 3, 2025 08:14
@sampan-s-nayak sampan-s-nayak added the go add ONLY when ready to merge, run all tests label Nov 3, 2025
gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 3, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces token-based authentication for the Ray Dashboard UI, which is a significant security improvement. The implementation is well-structured, separating concerns into different modules for authentication logic, cookie management, and UI components. The use of Axios interceptors to handle token injection and authentication errors is a clean approach. The backend changes in http_server_head.py correctly define public endpoints to allow the UI to load and prompt for a token. The addition of comprehensive tests for the new components and logic is also commendable. I have a few suggestions to improve maintainability and clean up some code.

sampan added 2 commits November 3, 2025 08:35
address comments
7660ade 
Signed-off-by: sampan <[email protected]>
fix lint
5234bfe 
Signed-off-by: sampan <[email protected]>
@ray-gardener ray-gardener bot added the core Issues that should be addressed in Ray Core label Nov 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@edoakes edoakes Awaiting requested review from edoakes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

core Issues that should be addressed in Ray Core go add ONLY when ready to merge, run all tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sampan-s-nayak