How to Get Updated Cookies on st.rerun Without Full Page Refresh?

Artem_Teliuk · April 19, 2024, 8:05pm

Hi everyone,

I’m developing an application with authentication and encountering an issue with handling cookies. My use case is following:

My “demo” application is hosted on the server where the “main” website is hosted, i.e:
- https://example.com/main - main application that has authentication form.
- https://example.com/demo - streamlit application.
User logs-in in the main application obtaining auth token cookie (i.e. auth_token)
Demo application validates cookies on each update, and if auth token cookie is absent, expired or invalid - it redirects to “main” website login form or stops.

The problem: Cookies do not get updated in streamlit after they are changed in browser or by logging out in the “main” website.

They are updated though when the page reload is done i.e. F5.

I need them to be updated after st.rerun or any other streamlit page update. The idea is to stop the application on the whatever next action after the token is invalid.

Here is an example code I created to show the issue:

import streamlit as st
import extra_streamlit_components as stx

cookie_manager = stx.CookieManager(key=0)

# Simulate authentication
cookies = cookie_manager.get_all(key=1)
if "auth_token" not in cookies:
    cookie_manager.set("auth_token", "123", key=2)

# Get cookies
all_cookies = cookie_manager.get_all(key=3)
st.write(all_cookies)

# Change cookie in browser to whatever else value 
# (assume they are changed or deleted after log out in "main" website)

# Perform action equivalent to st.rerun:
# - press R to rerun the app or make a widget update...

# Cookies are changed in browser but not in streamlit after widget update or st.rerun
# This means that logged out user can still continue using the application until 
# full page reload which is not acceptable.

I am using extra_streamlit_components.CookieManager as it seems to be the most supported tool for managing cookies in Streamlit. If there are better tools or approaches for achieving the desired outcome, I am open to suggestions.

Versions:

# Python 3.9
streamlit==1.32.0
extra-streamlit-components==0.1.70

I am new to authentication and cookie handling, so please excuse any mistakes in my approach or explanation, and feel free to suggest improvements!

Thank you for your help!

Alejandro2 · August 5, 2024, 4:13pm

Hi I have a very similar problem did you find a solution?

Arnab1 · September 5, 2024, 9:24am

Did you find the solution? I have the same problem

Jack5 · November 5, 2024, 3:29am

I encounter this similiar issue. my workaround is, after autentication, also save a flag in session_state,
and then check session_state or cookie, anyone has the flag then go to https://example.com/demo.
and next time when user access https://example.com/demo again(refresh page, or go to the address directly), there maybe no flag in session_state, but the cookie will work.

Topic		Replies	Views
Authentication Mix-Up: Cookies Causing Unintended Logins Using Streamlit cookies , debugging	3	771	September 10, 2024
Page rerun, refresh after user interaction Using Streamlit session-state , discussion	0	245	August 2, 2024
St.context.cookies.get() works perfectly in local but collects an empty dict once deployed in Cloud Community Using Streamlit streamlit-cloud , debugging	5	152	September 9, 2024
Streamlit user browser cookies Using Streamlit discussion	1	164	September 24, 2024
New Component: st_cookie Show the Community! cache , session-state , cookies	0	160	September 4, 2024

How to Get Updated Cookies on st.rerun Without Full Page Refresh?

Related Topics

Hello there 👋🏻

Cookie settings

Strictly necessary cookies

Performance cookies

Functional cookies

Targeting cookies