Using Dashboard to Deploy and Backtest Strategies - Part 2¶
In this section, we'll dive into the importance of securely managing credentials in the Hummingbot Dashboard, ensuring that your information remains private and under your control.
Enabling Credential Management¶
If you plan to expose Dashboard externally or enable multiple users, managing credentials securely is paramount.
To add authentication layer to Dashboard, modify the
AUTH_SYSTEM_ENABLED variable in the CONFIG.py file. By default, it is set to
Change it to
True and save the file:
Afterwards, stop Dashboard and restart it with
make run. Users will now be asked to log in when accessing Dashboard at https://localhost:8501.
Setting User Credentials¶
We present two methods for setting user credentials for Dashboard:
1. Manual Password Hashing¶
In this method, we manually declare the users and their corresponding passwords in the
email: [email protected]
name: Admin User
password: abc # To be replaced with hashed password: hashed_passwords = stauth.Hasher(['abc', 'def']).generate()
abc is a placeholder for the hashed password.
To generate a hashed password for a given string, follow these instructions:
conda activate dashboardto ensure that you're in the Dashboard environment is active.
- Afterwards, enter the Python console with:
- Import the auth library and hash the password:
- In the
credentials.ymlfile, Replace the
adminuser's password with this
exit()to exit the Python console.
- Access the dashboard at https://localhost:8501 and enter the username(
admin) and string(
YOUR_PASSWORD) used to generated the hashed password.
2. Whitelisted Email Registration¶
While the method works for 1-2 users, it might be cumbersome if numerous users interact with Dashboard.
Instead, you can edit the
preauthorized section in
credentials.yml. This method below allows you to whitelist a list of emails and allow users to set their own passwords. Each user is added to the credentials file.
- Define a whitelist of emails authorized to access the dashboard.
- In the
pre_authorized:section of `credentials.yml``, add the emails of users who will be pre-authorized to register and create their credentials.
- Users with whitelisted emails can fill out a registration form upon their first login.
- Upon registration, Dashboard will hash and store their credentials automatically in this file.
Once logged in, you have the freedom to navigate through the various sections of the dashboard. However, to log out securely, ensure you return to the main Hummingbot Dashboard page and click the logout button. This ensures optimal security for your credentials and the dashboard's functionality.
Next, learn how to use the master bot profile to manage the keys you store in Dashboard.