AWS Cognito logout

I created an EC2 instance where I am runninig streamlit and used Cognito for user authentication (very similar to this blog post).

How can I log out of the dashboard? I believe it is a bit similar to this question on StackOverflow which has not yet an answer.

I’m having trouble with this as well. I have a streamlit app behind an ALB that uses Cognito for authentication. Ending a user’s session appears to require a call to Cognito’s logout endpoint and invalidating the session cookies (default name AWSELBAuthSessionCookie). The latter does not seem to be possible within streamlit - the cookies are HTTPOnly according to this thread.

I’ve attempted to read and set the session cookie’s value with extra-streamlit-components but the HTTPOnly cookies do not appear to be read by that package or _get_websocket_headers().

I ended up following the approach in this comment to monkeypatch the streamlit server, adding a logout request handler to delete the AWS session cookie. A user clicks a logout button which sends a GET request to the Cognito logout endpoint (which ends the user session from the auth server side) with a logout_uri arg pointing to my streamlit app’s new logout route to delete the cookie. Without the last step, subsequent requests to the ALB see the cookie and pass through authentication until the session cookie timeout is hit later.

Streamlit’s tornado server already has a number of extra routes for health checks, and it’d be nice to be able to extend that through a configuration instead of monkeypatching.


This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.