Creating a new thread as this includes a highly requested feature, and the original is locked.

Releasing v1.0 of Streamlit Login Form

This version finally introduces highly requested and necessary password hashing
All new passwords will be hashed automatically using the award-winning Argon2 algorithm.

Already using plaintext passwords? We have you covered

• Plaintext passwords of existing users will automatically be hashed during a logging attempt.
• We also expose the hash_current_passwords() methods to hash all plaintext passwords in bulk.

We have also updated the README to make it more helpful by clarifying usage instructions and including an API reference for exposed methods

The Streamlit Demo App also features better error handling and reporting instructions

Streamlit Login Form

A Streamlit authentication component that creates a user login form connected to a Supabase DB.

screenshot787×410 15.4 KB

Try the Demo App

Features

• One-line authentication frontend
• Password hashing using the award-winning Argon2 algorithm
• Create new account, login to existing account, or login as guest
• Hash existing plaintext passwords in one-line of code
• Auto-collapses and disables the form on successful authentication

Installation

1. Install st-login-form

pip install st-login-form

2. Create a Supabase project as mentioned here
3. Create a table to store the usernames and passwords. A sample DDL query is shown below:

CREATE TABLE users (
    username text not null default ''::text,
    password text not null,
    constraint users_pkey primary key (username),
    constraint users_username_key unique (username),
    constraint users_password_check check (
      (
        length(
          trim(
            both
            from
              password
          )
        ) > 1
      )
    ),
    constraint users_username_check check (
      (
        length(
          trim(
            both
            from
              username
          )
        ) > 1
      )
    )
  ) tablespace pg_default;

4. Follow the rest of the steps from here to connect your Streamlit app to Supabase

Usage

On authentication, login_form() sets the st.session_state['authenticated'] to True. This also collapses and disables the login form.
st.session_state['username'] is set to the provided username for a new or existing user, and to None for guest login.

import streamlit as st

from st_login_form import login_form

client = login_form()

if st.session_state["authenticated"]:
    if st.session_state["username"]:
        st.success(f"Welcome {st.session_state['username']}")
        ...

    else:
        st.success("Welcome guest")
        ...
else:
    st.error("Not authenticated")

Hashing existing plaintext passwords

Plaintext password for a user is automatically hashed during a login attempt.

To bulk-update all existing plaintext passwords in the table, use the hash_current_passwords() method.

API Reference

• login_form()

  def login_form(
      *,
      title: str = "Authentication",
      user_tablename: str = "users",
      username_col: str = "username",
      password_col: str = "password",
      create_title: str = "Create new account :baby: ",
      login_title: str = "Login to existing account :prince: ",
      allow_guest: bool = True,
      allow_create: bool = True,
      guest_title: str = "Guest login :ninja: ",
      create_username_label: str = "Create a unique username",
      create_username_placeholder: str = None,
      create_username_help: str = None,
      create_password_label: str = "Create a password",
      create_password_placeholder: str = None,
      create_password_help: str = "Password cannot be recovered if lost",
      create_submit_label: str = "Create account",
      create_success_message: str = "Account created and logged-in :tada:",
      login_username_label: str = "Enter your unique username",
      login_username_placeholder: str = None,
      login_username_help: str = None,
      login_password_label: str = "Enter your password",
      login_password_placeholder: str = None,
      login_password_help: str = None,
      login_submit_label: str = "Login",
      login_success_message: str = "Login succeeded :tada:",
      login_error_message: str = "Wrong username/password :x: ",
      guest_submit_label: str = "Guest login",
  ) -> Client:
      """Creates a user login form in Streamlit apps.
  
      Connects to a Supabase DB using `SUPABASE_URL` and `SUPABASE_KEY` Streamlit secrets.
      Sets `session_state["authenticated"]` to True if the login is successful.
      Sets `session_state["username"]` to provided username or new or existing user, and to `None` for guest login.
  
      Returns:
      Supabase client instance
      """
  

• hash_current_passwords()

  def hash_current_passwords(
      user_tablename: str = "users",
      username_col: str = "username",
      password_col: str = "password",
  ) -> None:
      """Hashes all current plaintext passwords stored in a database table (in-place)."""
  

Get Involved!

Your feedback and contributions can help shape the future of Streamlit Login Form. If you have ideas or features you’d like to see, let’s collaborate!

• Contribute: Submit PRs or open issues on GitHub.
• Connect: Have questions or suggestions? Reach out to me on LinkedIn or email.

Support Streamlit Login Form

Love Streamlit Login Form? Here’s how you can show your support:

• Star: Give us a star on GitHub and help spread the word!
• Share: Tell your friends and colleagues about us on social media.
• Donate: Buy me a coffee and fuel further development!

Thank you for supporting Streamlit Login Form!

is it possible to save userids and password in our own db/local file rather than supabase db.

Hey @Sai_SaiGraph ,

Not currently, unfortunately. But this has been a widely requested feature, and making the component database agnostic is in the backlog

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.