I’m building an app that is designed so that users will need to refresh the app throughout the day. The app is gated - to access the app, the user signs up and must purchase a subscription through Stripe (I’m using GitHub - tylerjrichards/st-paywall: A python package for creating subscription Streamlit apps for authentication and Stripe integration)
I face one big limitation. Whenever a signed+paid user refreshes the page, they mush login again. So I need to store session info. However, as far as I know Streamlit only offers client-side session management. This doesn’t work for a paid app in which a free user can easily manipulate client-side cookies to appear as a paid user.
So how do we build serve-side session management into Streamlit apps? I.e. a logged in user should not have to re-login every time they refresh the page. And a free usr should not be able to spoof themselves as a paid user.