coltone24•5d ago

Accessing Middleware Values in a Marimo Cell

I'm running a FastAPI server with Marimo and using SessionMiddleware to manage authentication via a cookie containing the access token. Here's the FastAPI setup:

server = marimo.create_asgi_app()
apps_dir = os.path.join(os.path.dirname(__file__), "apps")
for filename in sorted(os.listdir(apps_dir)):
    if filename.endswith(".py"):
        app_name = os.path.splitext(filename)[0]
        app_path = os.path.join(apps_dir, filename)
        server = server.with_app(path=f"/{app_name}", root=app_path)

app = FastAPI()
app.add_middleware(SessionMiddleware, secret_key="test")
app.add_middleware(auth_middleware)

labs_app.mount("/", server.build())

server = marimo.create_asgi_app()
apps_dir = os.path.join(os.path.dirname(__file__), "apps")
for filename in sorted(os.listdir(apps_dir)):
    if filename.endswith(".py"):
        app_name = os.path.splitext(filename)[0]
        app_path = os.path.join(apps_dir, filename)
        server = server.with_app(path=f"/{app_name}", root=app_path)

app = FastAPI()
app.add_middleware(SessionMiddleware, secret_key="test")
app.add_middleware(auth_middleware)

labs_app.mount("/", server.build())

In the Marimo app code, I can access the access_token from the session middleware, but I can't figure out how to access the same value within a Marimo cell. Here's the cell code:

import marimo

app = marimo.App(width="medium")

access_token = context["access_token"]

@app.cell
def _():
    import marimo as mo
    mo.md(access_token)  # Trying to use the access_token from above but fails
    return mo

if __name__ == "__main__":
    app.run()

import marimo

app = marimo.App(width="medium")

access_token = context["access_token"]

@app.cell
def _():
    import marimo as mo
    mo.md(access_token)  # Trying to use the access_token from above but fails
    return mo

if __name__ == "__main__":
    app.run()

1. How can I properly access the values outside the cell (like access_token) in a Marimo cell? 2. Is there a recommended approach for passing session values from FastAPI's middleware into Marimo's context or cells? Any guidance or examples would be appreciated!

10 Replies

Hall•5d ago

Someone will reply to you shortly. In the meantime, this might help:

Haleshot•5d ago

Hi, can you let me know whether this is useful for you: https://docs.marimo.io/guides/deploying/authentication/?h=middle#authentication

Authentication - marimo

The next generation of Python notebooks

coltone24OP•5d ago

Yes, this is essentially what I did and works great for authing access to the app itself. However, what it doesn't solve is my use case where I want to be able to make api requests to our other api routes with something like requests.get() but need to attach the auth token to it and haven't found way to get that access token available within the cell itself.

@app.cell
def _():
    import marimo as mo
    import requests

    headers = {
        "Authorization": f"Bearer {access_token}"
    }
    metrics_response = requests.get("http://localhost:8080/api/metrics, headers)
    return mo

@app.cell
def _():
    import marimo as mo
    import requests

    headers = {
        "Authorization": f"Bearer {access_token}"
    }
    metrics_response = requests.get("http://localhost:8080/api/metrics, headers)
    return mo

Haleshot•5d ago

Haven't yet had a use-case like that personally. Will let you know if I can figure out a way for this.

Myles Scolnick•5d ago

@coltone24 , it is not possible today to get the access token or user session. we've though about adding it to mo.app_meta().user, when running programatically

marcodlk•3d ago

@Myles Scolnick is there a reason the request headers can’t easily be exposed from within the Marimo cell, via mo.app_meta() or other method? I am realizing this is a hard requirement for an app I’m on the hook to deploy next week, and I’d like to hack a way around it. If there is any tips you may be able to provide, it’d v appreciated!

Myles Scolnick•3d ago

it might be hard to plumb it through, but not real reason. maybe security, but we can make that opt-in. what do you need from the headers? if its just login/user-info, it might be easier than pulubming all the headers

marcodlk•2d ago

Specifically in my case, to parse the keycloak auth token for the user info. Thinking that exposing headers, or at least as an opt-in, would afford the developer full flexibility when mounting marimo in a FastAPI app. Is there a specific format or set of formats you’d be looking to support for parsing user info in the headers?

Myles Scolnick•2d ago

I think this makes total sense and I am sure folks would be interested. Maybe a dict of the headers is easiest. I was thinking you could pass the user info too in a structured formatted of email, name, and get_token(). Does that answer your question?

marcodlk•4h ago

It does, thanks - dict of headers would work great. Also like the structured user info and get_token() to streamline the more common use cases

Accessing Middleware Values in a Marimo Cell

Did you find this page helpful?