Question

Customization of the user session expiry time via the API

  • 21 March 2017
  • 0 replies
  • 113 views

  • Looker Staff
  • 10 replies

Currently, it is not possible for admins to specify the default session expiry time for users via the UI. However, this can be achieved with a script that periodically scans through the active user sessions and determining which ones should be ended. This can all be done via the Looker API and is described below.


Step 1:


Authenticate using an API3 key of an admin.


import looker 
import re
from datetime import datetime

base_url = 'https://learn.looker.looker.com:19999/api/3.0'
client_id = ''
client_secret = ''

# instantiate Auth API
unauthenticated_client = looker.ApiClient(base_url)
unauthenticated_authApi = looker.ApiAuthApi(unauthenticated_client)

# authenticate client
token = unauthenticated_authApi.login(client_id=client_id, client_secret=client_secret)
client = looker.ApiClient(base_url, 'Authorization', 'token ' + token.access_token)

Step 2:


Get a list of all the users that have access.


# instantiate User API client & get list of users
userApi = looker.UserApi(client)

user_list = userApi.all_users()
user_ids = [user.id for user in user_list]

Step 3:


Define a session expiry time, scan through existing sessions and delete those that have expired.


expiry_time = 60 

for uid in user_ids:
user_info = userApi.all_user_sessions(uid)

# make sure user has an existing session
if len(user_info) > 0:
session_created_time = re.findall(r'(\d{4}[-]\d{1,2}[-]\d{1,2})[t](\d{1,2}:\d{1,2}:\d{1,2})', user_info[0].created_at)[0]
session_created_time = session_created_time.replace('T',' ')
login_time = datetime.strptime(session_created_time,'%Y-%m-%d %H:%M:%S')
minutes_loggedIn = (datetime.now()-login_time).total_seconds() / 60

# if session expired, delete it
if minutes_loggedIn > expiry_time:
userApi.delete_user_session(user_id, user_info[0].id)

0 replies

Be the first to reply!

Reply