Hi Streamlit community,
Context & Goal:
We’re building a multi-page Streamlit app that requires user authentication. Our goals are:
-
Each user should have an isolated session (ideally, even across different tabs or browsers).
-
After login, users should be able to navigate between pages without losing their authenticated state.
-
Logging out in one tab/window should not affect other users or sessions.
-
We want to avoid using cookies for authentication (for security and isolation reasons).
What we tried:
-
After login, we generate a unique token for the user and redirect them to the main app page with the token and user_id as query parameters, e.g. /opening?user_id=…&token=…
-
On every page, we check the query parameters for the token and user_id to validate the session.
-
For navigation, we build links and redirects that always include the current user_id and token in the URL.
-
We tried both st.switch_page() and JavaScript redirects to /opening?user_id=…&token=…
-
We store the token/user_id in st.session_state for convenience, but always rely on query params for authentication.
The problem:
-
Query parameters are often lost when navigating between pages (especially when using st.switch_page()).
-
Even with JavaScript redirects, sometimes the parameters are not reliably available on the next page.
-
This causes users to be logged out or redirected to the login page unexpectedly.
-
We want to avoid using cookies for authentication, as they are shared across tabs and not per-user/per-tab.
What we want to achieve:
-
A robust, secure, and user-friendly authentication/session management system for Streamlit multi-page apps.
-
Per-user (and ideally per-tab) session isolation.
-
Reliable navigation between pages without losing authentication state.
-
No reliance on cookies for authentication.
Questions:
-
Is there a better or more robust way to handle authentication/session management in Streamlit multi-page apps?
-
Is there a way to reliably persist query parameters across page navigation (or a better alternative)?
-
Are there any best practices or recommended patterns for this use case?
-
Are there any known limitations or upcoming features in Streamlit that would help with this?
Any advice, examples, or pointers to best practices would be greatly appreciated!
Thank you!