Remember login amongst refresh

tylerjrichards / st-paywall

A python package for creating subscription Streamlit apps

MIT License

235 stars 46 forks source link

Remember login amongst refresh #23

Open techjason opened 1 year ago

techjason commented 1 year ago

Would it be possible to implement remember login amongst refreshing? I have been experimenting with streamlit cookies packages but no luck with any of them. Great work btw!

tylerjrichards commented 11 months ago

this is a great point, I was chatting with @blackary about some ideas for this! it is trickier than we expected but hopefully we can figure out some solution for this

pcejrowski commented 11 months ago

I have gotten this to work with a cookie manager instead of the session state. Example managers:

I used the first one within this PR: https://github.com/tylerjrichards/st-paywall/pull/32

tylerjrichards commented 9 months ago

sorry for the late reply here, but I think there are some big problems with this approach. Mainly, if you stick the email in the cookie, then anyone can edit the cookie on their end to an email that they know is subscribed, and get access to your app. So what you actually have to do is create some sort of a hash, and store that has in a database in the app, which is much trickier than we/I had originally thought

jasonmcbride commented 5 months ago

Has this been updated to support sessions and persist on refresh yet?

tylerjrichards commented 5 months ago

Nope, no movement on this @jasonmcbride. PRs are welcome though if you'd like to take a hack at it!

jozkotrapko commented 2 months ago

I have gotten this to work with a cookie manager instead of the session state. Example managers:

https://pypi.org/project/streamlit-cookies-manager/

https://github.com/Mohamed-512/Extra-Streamlit-Components#cookie-manager

I used the first one within this PR: #32

Would you be able to share a code, how did you manage to make it work? It would be very helpful! Thank you in advance. @pcejrowski

baogorek commented 5 days ago

Hello, I just discovered this issue. Happy to work on it though I'm not an authentication expert.

Is there anything we can learn quickly from Streamlit-Authenticator?

Edit: I was just skimming and it looks like Streamlit-Authenticator is just relying on the packages mentioned above.

So what you actually have to do is create some sort of a hash, and store that has in a database in the app, which is much trickier than we/I had originally thought.

@tylerjrichards, would you mind expanding on this strategy a bit? I've got Supabase working with a streamlit app and I'd like to try it.