Lots of these have popped up in the past year. I have a simple question from all of them.
Can this do authentication naively? Meaning, there is some simple code needed to ensure that every logged in user sees exactly the stuff they should, and non-logged in users see nothing.
It's more than a little confusing to me the relationship or dependencies between h2o.ai, h2o-ai-cloud, and this Wave tooling.
With that huge caveat, insofar as Wave for "Enterprise" seems to run on H2O AI Hybrid Cloud (though H2O.ai suggests an intent to run on-prem or air-gapped), the `h2o-ai-cloud` seems to handle authentication and authorization using an OpenID Connect (OIDC) provider like Keycloak, which should let you integrate with other services like SAML and LDAP.
User roles look tied to OIDC access token claims, and what a user can see or do depends on their role, so in theory, they should only have access to what's appropriate.
There are also some options for more granular control through IAM-like policies, but it looks like these are still in beta.
Overall, it looks at the very least that enabling authentication and access authorization is not just an afterthought, assuming it's all set up right.
It probably depends on what you want. From a quick glance at the code, this looks like something that works really well for a few narrow use cases (but seems very productive in those niches).
FastHTML should be more generic and able to do more things but you’re going to have to know HTML. It looks like they just translated HTML tags to Python classes that generate the HTML. There’s no “magic” hiding the HTML from you.
I prefer just writing the HTML. I don’t love wrapping HTML in Python like FastHTML, it feels like it always eventually becomes an issue for some reason or another. The narrow frameworks can be very cool when they fit, though.
Can this do authentication naively? Meaning, there is some simple code needed to ensure that every logged in user sees exactly the stuff they should, and non-logged in users see nothing.