I have a prodigy task ready for internal (not internet-wide) review and have it running on a server with the host set to 0.0.0.0, but want to keep the contents secure so that only the specified reviewer can see and interact with the review process.
For context, let’s suppose that I’m working on a Windows machine, that I have prodigy installed in a virtual environment at C:\prodigy\.venv, with relevant recipes and other associated code at C:\prodigy\src in a package called prodigy_recipes. I want to invoke the classification command textcat.custom. I need authentication and SSL. How can I do this?
First, since the recipe(s) I’m invoking might reference the package (which will have its own self-referential imports), I’ll need to set the PYTHONPATH.
$env:PYTHONPATH='C:\prodigy\src\prodigy_recipes' # set PYTHONPATH to include package
Second, I want to add basic authentication. This also be done by setting environment variables:
$env:PRODIGY_BASIC_AUTH_USER='timmy' # set username $env:PRODIGY_BASIC_AUTH_PASS='CoffeePlease!' # set password
Basic authentication doesn’t work well without securing our traffic (i.e., change the destination protocol from http to https). So, third, let’s add SSL.
This step is a bit more involved. You’ll need to get a certificate (if you can’t get one, you can make one yourself), and get the relevant .key and .crt files. We’ll need to add these to our prodigy installation. Navigating into our virtual environment, we’ll open C:\prodigy\.venv\Lib\site-packages\prodigy\app.py. At the very bottom is an invocation to uvicorn.run. We’ll just need to add the .key and .crt file locations:
uvicorn.run(
app,
host=host,
port=int(port),
log_level=get_log_level(),
log_config=_uvicorn_log_config,
ssl_keyfile=r'C:\certs\my.key',
ssl_certfile=r'C:\certs\my.crt',
ssl_keyfile_password='password2!', # if keyfile is encrypted (default)
)
Fourth, it’s worth double-checking the prodigy.json file (you’ll need to create one if you haven’t yet; let’s put ours here C:\prodigy\prodigy.json). At the very least, we’ll probably need something like this:
{
"theme": "basic",
"host": "0.0.0.0", # serve externally
"port": 8080,
"db_settings": {
"sqlite": { # database to write results to
"name": "prodigy.db",
"path": "C:/prodigy"
}
}
}
Finally, we can run our command:
prodigy textcat.custom review1 C:\data\corpus.jsonl -F C:\prodigy\src\prodigy_recipes\special_recipe.py
We can now test this by navigating to another machine, navigating to the relevant server, and logging in. Success!