I did a simple test and oauth2-proxy seems to be a interesting option!
It’s a simple oauth proxy, therefore I could protect my streamlit application behind a google-login page.
Please be aware that oauth is not a trivial flow so, consider wisely all your requirements (i.e. logout, security, etc) 
Simple demo:
Hi and thx for the suggestions!
I have the following error:
ModuleNotFoundError: No module named 'SessionState'
I tried to install various libraries but the error is still there.
Any idea anyone?
Thanks,
Charly
Hi Charly,
You need the SessionState gist. I.e. put the file SessionState.py from here in your project.
There are are different versions of the SessionState gist out there, but it looks like this one is recent. See e.g. this thread for some additional inspiration.
Best regards,
Peter
Hi,
I’m trying to use this solution. But the following happens when 2 users use the app at the same time. Example:
User A inputs his password (let’s say ‘pwd_A’) through ‘pwd = st.text_input(…)’ and I save it using session_state.password = pwd.
Then another user (different device) comes and input his password (let’s say pwd_B).
What happens is that for BOTH sessions, now session_state.password is pwd_B (somehow user 2 overwrote session_state.password for user 1).
Can anybody help please?
Hey,
were you able to resolve the problem? I’m encountering the same and it would be awesome to have a solution for that.
Best,
Michael
Could you post the code that is causing this? Functionally, the session_state should be unique to each user.
Sorry for the super late response, I’ll create a minimal example later today.
Hi @Juan,
yes, that solved the problem 
Thanks for all your work @theimposingdwarf @Juan
Best,
Michael
Another very safe alternative is to host the streamlit app on AWS,
and use a Load Balancer authentication mechanism to protect access to the server.
This doesn’t require you to implement any login in your code, and you can even implement OAuth flows to login using your google account.
Checkout these guides;
TL;DR of some answers above is to deploy an identity-aware proxy in front of your app, that would solve several issues:
there are open source, on-premise and cloud-managed solutions, depending on your deployment strategy.
i.e. check out this example https://github.com/gwrun/tutorials/tree/main/streamlit/docker-compose
Could you share the codes? Thanks!
Check out this repo for an implementation of users using Docker, Nginx, and Streamlit. Scroll down the README until you get to the section on Users, read for more detail.
TBD on security. I think it’s secure, but I’m not doing anything important with this code (tracking personal calories) so I am willing to take the risk of waiting and seeing what busts I find. But if smarter parties than myself wish to pry, the README should take ~5mins to figure out how I did this.
session_id = ReportThread.get_report_ctx().session_id
AttributeError: ‘NoneType’ object has no attribute ‘session_id’
Why I am getting None type object ReportThread
Great work here! However, when I add a sidebar for app navigation or a st.checkbox feature it reroutes to the login credentials… any suggestions? I’m trying to simply make a login using a special password to access the main application. Will love and sincerely appreciate any helpful feedback!
def main():
st.header('Hello')
st.balloons()
# general info
st.title('Upload File')
df = st.file_uploader("Upload CSV", type=['csv', 'xlsx'])
agree = st.checkbox("Test")
if agree:
st.checkbox("Hello!", value = True)I just posted a component-based solution using Auth0 identity provider.
This is great. I was struggling with Auth0 integration though. Could you please share the solution ?
Click the link above to expand the post. Should have all you need.
Hi, do we have any solution on social authentication… i’m waiting for now more then 6 months …
@amitmitra see my post. It’s easy to add most types of IdP with Auth0. In my screenshots you can see both enterprise and google auth.