New Component: Streamlit-Authenticator, a secure authenticaton module to validate user credentials in a Streamlit application

Hi Ola,

Currently not, but in a future release, I can make it customizable. Otherwise feel free to modify and push changes to the source code if you wish to implement it yourself in the meantime.


hi @mkhorasani Thanks for sharing the component. I got this error trying to run the sample code. Any suggestion?
ValueError: Please enter hashed passwords and not plain text passwords into the ‘authenticate’ module.

Hi @shanshan_wang, this is a known issue that appears intermittently and a pending fix is yet to be made, as soon there is one the community will be informed of it. Cheers.

@mkhorasani Thanks.

Really helpful component which makes life easier. It would be great if the position of the logout button can be customizable.

Thanks. It’s in the works, hopefully in the next release.

Thanks @mkhorasani. Really helpful. Would be great if we have the option of doing away with the Logout button or may be position at the bottom of the sidebar.

Please check the latest release v0.1.2, this issue should not reappear.

@mkhorasani The Logout button seems to be still in the earlier version position. This really distorts the main page content. Am i missing something here?

I think he was talking about this error ValueError: Please enter hashed passwords and not plain text passwords into the ‘authenticate’ module.

The logout button is still the same and if you have choosen sidebar, the st.error message displays in the main content while the login is in sidebar.

Please check the latest release v0.1.2, this issue should not reappear.

Edit: Apologies, I was referring to the ValueError associated with not entering hashed passwords as pointed out correctly by @tuhinmallick. I can remove the logout button and instead have the developer create a button of their own, that when pressed will update the session state variable associated with logging out - the only problem is that you need to press it twice for it to work due to Streamlit re-running the script in a peculiar way. I am still working on this and once I have a robust solution I will definitely push an update.

thank you. That would be great

Dear @Kishoren, @tuhinmallick, @ola, and @pratesbruno, the request for customizing the location of the logout button has now been addressed with the latest release v0.1.3. Thank you all for your patience.

1 Like

Hi @mkhorasani ,
Thanks for this. Though, I am not sure how to use it. Are we supposed to have a DB with hashed passwords saved in it ? And then how should new users create their password ?
Would it be possible to share a sample app ?

Hey @Anatole_Callies, you’re most welcome. You can store your hashed passwords in any form you like including storing them on a database. In its current form, you as the developer should create credentials for your users, not the other way round. Here is a sample application using Streamlit-Authenticator.

thanks @mkhorasani. Now am able to customize the ‘Logut’ button. Couple of observations.

  1. The Username and Password fields are taking the entire screen space and not in the middle of the screen. 2) Enter username and password prompt is at the bottom. May be before input field username is appropriate. Thanks once again

Hi @Kishoren, the username and password fields use the st.text_input widget, there’s really not much customization when it comes to sizing them. Perhaps you can adjust the page configuration using st.set_page_config. To relocate the authentication prompt, you can use placeholders with st.empty to render a message before the login form.

Hi @mkhorasani ,
Thanks again for the great work.
Sometimes, I am getting this message when loading my streamlit app that uses your add-on. Have you ever encountered it ? Do you know what to do ?


Hey @Anatole_Callies, you’re most welcome. That is related to the cookie manager which is based on the ‘extra_streamlit_components’ library. You can find more about it here.

@mkhorasani Thanks for creating this component. It is a game changer for me.

I am using Deta Base to store the credentials and kept the signature in secrets together with other IDs, api keys and token. The cookie name has been left in clear text. Is there a need to ‘hide’ it in the secrets folder?