Closed 3togo closed 3 days ago
Dear @3togo, I am unable to recreate such a situation when hosting locally or on the cloud. Can you please let me know where you're hosting your application? You can use this sample application to verify that such a situation doesn't happen.
Also can you please share your source code for me to test?
I am writing to inquire about an authentication issue that we have observed in our Streamlit application. Specifically, we have noticed that once User A logs into the system, other individuals are able to access and browse the application in the name of User A, regardless of the computer or device they are using. However, once User A logs out, other users are then required to log in before accessing the application.
We are seeking clarification on the root cause of this behavior. It seems counterintuitive that a user's session would persist across different devices and computers without any form of authentication or session token validation. This poses a significant security risk as it allows unauthorized access to potentially sensitive information.
Here are a few key points that we would like to understand:
We appreciate your assistance in resolving this issue and ensuring the security of our application. Thank you for your time and consideration.