Update Simple auth manager to define its UI (login form) using fastapi

[vincbeck]

SimpleAuthManager is a minimalist auth manager in core Airflow. It defines its own login form in order for users to log in. Example below:

Simple auth manager has its UI defined using Flask, you can then use it with Airflow 2 UI. But the goal is to use simple auth manager in Airflow 3. In order to use simple auth manager with Airflow 3 UI, we need to implement its views in the fastapi application. This is the goal of this PR.

After this PR is merged, I'll remove the UI/views definitions of simple auth manager in Flask. We do not need the simple auth manager to be compatible with Airflow 2 UI (although that was necessary for testing it).

As a result of this PR, multiple endpoints are added:

• <env_endpoint>/auth/webapp/login: the login form
• <env_endpoint>/auth/static/assets/index-......js: the JS/React artifact defining the login form
• POST <env_endpoint>/auth/token: to create a JWT token given username and password

(Sorry for the massive PR).

Testing

To test this PR and play around with the simple auth manager login form:

• Set export AIRFLOW__CORE__AUTH_MANAGER="airflow.auth.managers.simple.simple_auth_manager.SimpleAuthManager"
• In airflow/auth/managers/simple/ui/, run npm run build. I need to update the pre-commit script to do that automatically
• Run Airflow and go to /auth/webapp/login

---

^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in a newsfragment file, named {pr_number}.significant.rst or {issue_number}.significant.rst, in newsfragments.

[bbovenzi]

Tested locally. It works!

I'd like us to match the main UI's setup a bit more. Use pnpm instead of npm and I want to see if we can share the same linting/prettier rules.

[bbovenzi]

We'll need to remember to change this whenever we drop the /webapp. Or better, have one source of truth on the UI base route

[vincbeck]

Tested locally. It works!

I'd like us to match the main UI's setup a bit more. Use pnpm instead of npm and I want to see if we can share the same linting/prettier rules.

I agree that would be great. I made multiple tries but could not come up with something working. Typescript could not recognize types defined in the simple auth manager UI directory. We could give it another try later. I dont think this is a must have for now

[pierrejeambrun]

That's a little unclear for me where we're at and what we want to do for auth managers.

For other auth managers, especially FAB one, do we plan to use the flask middleware to be able to render all of those flask views into fastapi ? (avoiding the flask <-> fastapi convertion, I think this is what was suggested by Jed.)

Then we only do this work for the simple auth manager because we do not need backward compat and because it's more convenient to have that in native FastAPI ?

[vincbeck]

That's a little unclear for me where we're at and what we want to do for auth managers.

For other auth managers, especially FAB one, do we plan to use the flask middleware to be able to render all of those flask views into fastapi ? (avoiding the flask <-> fastapi convertion, I think this is what was suggested by Jed.)

Then we only do this work for the simple auth manager because we do not need backward compat and because it's more convenient to have that in native FastAPI ?

Yes to everything :)