Cookies support in Streamlit!

An extension to extra-streamlit-components Ā· PyPI | (Github) , I added browser cookie support. You can preserve data between sessions, update, get, and delete browser cookies. Newly added cookies with this module is strictly same-site, so you donā€™t have to worry about privacy.
Highly advised to be on Streamlit >= 0.84.0 for seamless experience as it harnesses state management for faster performance

cookie_manager

19 Likes

Hey @Mohamed

You should definitely add your extensions to the Components Tracker :slight_smile: those are very neat features!

Happy Streamlitlinā€™ :balloon:
Fanilo

2 Likes

Woah! This is amazing Mohammed! :heart_eyes:

Iā€™ve shared internally with the Dev team.

Best,
Charly

2 Likes

The cookie solution solves a major pain point. Thank you @Mohamed. I am going to experiment with tabs and other features here. Great work!

1 Like

The tab feature is really cool. I tested it with 6+ elements and some are of course hidden. I was able to drag the tabs but it took me a while to find out that it could be done.

It may be nice to show something like a scrollbar in the bottom if there are many elements. What do you think?

1 Like

Glad you like it! Will consider that feedback in later iterations of the library.

3 Likes

Quick question Mohammed.

Do you know if the cookie feat works in Streamlit Sharing?

Thanks
Charly

cc: @jrieke

1 Like

This looks splendid! I canā€™t wait to incorporate this and the other extra components in my app.

Good going! :clap:

2 Likes

I think the pip packageā€™s main.py shall work fine without any additional setup. I tried figuring share.streamlit.io out on but my invitation request hasnā€™t been processed in days.
cc: @jrieke

2 Likes

FYI @Charly_Wargnier Iā€™ve just shared the package on streamlit sharing @ extra-streamlit-components. Enjoy!

3 Likes

Beautiful!

Iā€™ve shared internally with the team!

Charly

2 Likes

@Mohamed would it take a lot of work to add expiration dates to the cookies that are being set? If not, it would be very useful to add it.

1 Like

Nice idea @vivekdse, by default itā€™s set to a day. But will try to make it user configurable in the next iterations.

1 Like

That would be great. Thank you.

1 Like

You can update to 0.1.43 now, and add a cookie expiration date as a python datetime object.

2 Likes

Awesome. I did and it works. Do you want to add the instruction on github on how to add expires_at? I had to dig through the source code for it, and it was worth it :slight_smile: Thank you for taking this on quickly.

2 Likes

@Mohamed How to get the cookie from a existed internet address
and judge its specific cookie is exist or not?
if not exist, do redirect operation, only get valid cookie, user can view the app page.
how can we make it come true?

I had made it use asp, it very convenient
like this:

<%
     if len(request.cookies("cookie_name"))<1 then
           response.redirect("specific address to finish identity check  & back to current page url")
    end if
%>

can we achieve a similar function?

1 Like

Well @BeyondMyself this is not considered as a limitiation of this library rather an application design problem. I propose you do either of the following:

  • Make this authentication mechanism using a REST API where you expect the response to be a cookie or token which then you can use stx to add the cookie.
  • Make the identity check redirect to the app with a query parameter set to the token. i.e. 127.0.0.1:8501?token=1234S3cr3t then use built in streamlit commands to extract that query parameter and then set it as a cookie
  • I can remeber seeing a post on this forum mentioning successfully using AOuth2 which as far as I know, does the identity check in a new window browser and returns an auth token, which then you can also add to the browser cookie using stx
    Good Luck!
1 Like

Hi @Mohamed Iā€™ve implemented a secure access with web authentication, and encoded the user information with JWT in the cookies.
But using this package, when I explore the cookies, I cannot see the required cookie.
Do you know if there is any limitation to shoe ā€œsecureā€ cookies?.
Let me attach some pictures to illustrate the problem:

5 out of 7 cookies are shown. But the one I need is not.
The required cookie is an HttpOnly, Secure and SameSite=Strict cookie. Please see next image:
cookies_problem_2

Can you give me any advice?

1 Like

Hi @MarceTU , one of those 2 not visible cookies must have been set in an other way that through CookieManager so I canā€™t confirm that behaviour.
However, I am aware of a bug where getting all cookies after setting a cookie might miss showing the newly added cookie. A work around to that is to call get_all twice back to back and the latest call shall return all cookies correctly.
Have a good one!

1 Like