User authentication

Hi, do we have any solution on social authentication… i’m waiting for now more then 6 months …

1 Like

@amitmitra see my post. It’s easy to add most types of IdP with Auth0. In my screenshots you can see both enterprise and google auth.

This solution is not correct. It will re-run all scripts when anything is changed in the main() function, so it will ask for password again.
See the example here with password = “admin”

Streamlit Snippets · Streamlit

1 Like

A solution without hardcoding the password in the file would be nice

Hi. Is it possible share your repo?

import streamlit as st
import pymysql
import pandas as pd
import webbrowser as web
username=st.text_input(“Please input your username:”)
pwd=st.text_input(“Please input your password”,type=‘password’)
db = pymysql.connect(host=“localhost”, user=“root”, password=“abcde”, database=“python”, charset=“utf8”)
sql=“select * from pwd”
cursor = db.cursor()
cursor.execute(sql)
db.commit()
df=pd.read_sql(sql,con=db)
if username=="":
st.info(“You do not have input user name yet”)
elif pwd=="":
st.info(“You do not have input password yet”)
else:
if username in df.values and pwd in df.values:
st.success(“Welcome back!”)
web.open(“https://www.baidu.com/”)
else:
st.warning(“Sorry, you can not login in, please check your user name or password.”)

1 Like

Thanks for this. I have a question through. Let say if you are running in local host 8501 and if multiple users login how do you differentiate?

1 Like

you can save all of the user name and their password on your database

1 Like

Its not about the database. Lets assume i have all the users in my database. But if another user try to connect to the same host (Say 8501) - it will not take you to loginpage. because the previous user is already connected and logged in.

1 Like

do not worry, web page support many users to view and do operation at same time, their operation is independent.
the code in the example, only when user name and password match, the user can login.
at other condition, the login will fail.

1 Like

Here is a simple way to add some authentication without using any other packages.

access_token = st.text_input(‘Please enter your access token:’)
if access_token != ‘your_secret_token’:
st.write(‘Sorry, your token is invalid. Please try again or contact the administrator.’)
st.stop()

Do anyone know whether this approach poses any major vulnerability compared to the other ways suggested in other posts?

1 Like

@filiagees Can you share the authentication code using oauth2-proxy?

Thanks

How you can implement a logout button in streamlit using this method?

Just get them to delete the password from the text box.

Does someone have a code to share implementing user login and logout buttons using the new Session State feature? It would be really helpful

7 Likes

I don’t know if it’s possible to persist state after page refreshing, i.e., make possible log-in/log-out buttons. (It seems that Streamlit doesn’t support browser cookies yet.) However, if someone needs basic password protection, I created a basic example showing how to restrict access to the dashboard using snippets shared on this thread.

auth

If you know a better way of doing this, please let me know! Would be great to have “proper” authentication instead of DIY hacks. Even enabling cookies would help a lot.

Update

I see that now session state is available via public API.

1 Like

Hey thanks @devforfu , that is the reason of my question, I’d like to know if there is a way to implement login/logout with the new built-in session state component. Could you update your code to accomplish that?

2 Likes

hi @filiagees pls can you share your demo code?

Hi @devforfu, @Luigi8735, @GitHunter0 You are welcome to look at the secure app example as part of Hydralit, the example app shows how to use any source of login and security level data you want to control different levels of access to multiple “pages” within your application. The example app implements a simple use case that could be expanded easily for more complicated or granular access control. You can even play with the live running demo here.

1 Like

Hi @Probability, thanks a lot for your suggestion, however, I was looking more for something that @filiagees showed in which I can log in with my Gmail credential (via oauth2-proxy) rather than create new username and password…may you help with that? thanks in advance