Session state shared between different users

Hello, I have an app deployed as docker container in aws with nginx as reverse proxy. I am encountering a strange behaviour of the app that suddenly appears : different users using the app and sharing the same session_state , anyone could provide hints on how to address this issue would be really appreciated!

Can you share your code and give more context to what you are expecting vs experiencing? Session state is certainly not supposed to shared between users. Are you using any caching that might need to be configured differently maybe? :slight_smile:

I appreciate your input I have indeed implemented caching using both cache_resource for functions and cache_data for uploaded files. However, I have encountered an issue where I was seeing cached data from other users. To address this, I have implemented a temporary workaround by clearing the cache on each rerun. Although this solution ensures data privacy, it does slow down the application and prevents me from fully utilizing the benefits of caching.

For more context on the app it is available at and the code is available at the GitHub repository at microbiome/ at main Β· cami3/microbiome Β· GitHub . Thank you for any support!

You can store data in session_state instead of using st.cache_xxx.

Thank you for assistance ! In the code I use both st.session_state and st.cache_xxx and when I open different tabs in the same or different browsers I have noticed some unexpected strange cross talks of session_state. I implemented cache clearing so it seems that session_state is shared among tabs. I would highly appreciate any hint.

st.session_state is shared aong sessions but its items / attributes are not. So st.session_state is the same object in all sessions, but st.session_state.key or st.session_stat["key"] may ot may not exist on each session and it is a different object when it does.

Thank you for the clear explanation. I tried not to use caching at all but only st.session_state.key and the weird behaviour of seeing other users data stopped. Then, I also tried replacing st.cache_xxx with the deprecated st.cache and again the crosstalk among users data stopped. Is it somehow possible that caching using st.cache_resource or st.cache_data gives rise to crosstalk of data among users? Thank you for your assistance !|

If you cache some data in one session and any user in any session has that cached function with the same parameters, they will see that cached data created from that first session.

If you write something to in one session, that same information will not be accessible in another session. The other session will have some other object in or possibly none at all.

Generally speaking, don’t cache things that you want to keep private to a specific user/session. (You can certainly pass in some kind of user id as a parameter to a cached function if you want to prevent other users from accessing the cached info, but it does start to create extra details to handle if you cache something you want to be tied to a particular session.)

There is no crosstalk. Calling the same cached function with the same parameters will always return (maybe a copy of) the same object, regardless the session.