An authentication module to add JWT authentication via API for Streamlit applications
Warning
This library is still in Alpha version and continues to be developed. It may contain security vulnerabilities, so please take this into consideration before using it in your project.
Install Streamlit JWT Authenticator with PyPI
pip install streamlit-jwt-authenticator
Streamlit JWT Authenticator allows you to use available JWT APIs. Therefore, make sure you have a working JWT authentication API.
In a quick start, the previously developed API can be added to the code block below and run.
import streamlit as st
from streamlit_jwt_authenticator import Authenticator
# Your API url to get JWT token
api_url = "http://localhost/api/token/"
# Create Authenticator instance
authenticator = Authenticator(api_url)
# Add login form
authenticator.login()
# Check is user logged in successfully
if st.session_state["authentication_status"]:
# Add logout form
authenticator.logout()This code should show you a login screen like below:
When successfully logged in, the application saves all the keys in the response to the session. For example, if you have a key named access in the response of the login API, you can access it as follows:
st.session_state["access"]The application can use this token when making requests to other APIs.
headers = {
"Authorization":"Bearer {}".format(st.session_state["access"])
}
response = requests.post("http://localhost/your_api/", headers=headers)To use the Authenticator class, you need to initialize an instance with the necessary parameters:
from streamlit_jwt_authenticator import Authenticator
authenticator = Authenticator(url="your_authentication_endpoint", headers={"Content-Type": "application/json"})Parameters:
url(str): The authentication endpoint URL.method(str, optional): The HTTP method for authentication requests. Defaults to "post".headers(dict, optional): Additional headers to include in authentication requests.response_handler(callable, optional): A function to process the authentication response.token_key(str, optional): The key to identify the authentication token in the response. Defaults to "access".cookie_lifetime(timedelta, optional): The lifetime of the authentication cookie. Defaults to timedelta(minutes=15).
The login method is used to display a login form and handle user authentication. By default, it is configured to be
used within a Streamlit application.
from streamlit_jwt_authenticator import Authenticator
authenticator = Authenticator(...)
authenticator.login()Parameters:
location(str, optional): Location to display the login form, either 'main' or 'sidebar'. Defaults to 'main'.
The logout method handles user logout by clearing authentication cookies and session state. Please
check authentication_status before display logout form.
import streamlit as st
from streamlit_jwt_authenticator import Authenticator
authenticator = Authenticator(...)
if st.session_state["authentication_status"]:
authenticator.logout()Parameters:
location(str, optional): Location to display the logout button, either 'main' or 'sidebar'. Defaults to 'main'.button_name(str, optional): The label for the logout button. Defaults to 'Logout'.key(str, optional): A key to associate with the logout button for Streamlit caching. Defaults to None.
Inspired by the Streamlit Authenticator library.
Streamlit JWT Authenticator is completely free and open-source and licensed under the Apache 2.0 license.