Cannot reproduce successful login running streamlit_authenticator_test.py. Version 0.3.2 (downloaded via pip).

[jrojer]

https://github.com/mkhorasani/Streamlit-Authenticator/blob/7a6b2f96426af0b0ab7a5462bfa475e0eed7c1f5/tests/streamlit_authenticator_test.py

[mkhorasani]

Hi @jrojer, can you please tell me exactly what error you're facing?

[jrojer]

basically I download your config.yaml and the test file as is. Then generate hash for the first user using

from streamlit_authenticator.utilities.hasher import Hasher
hashed_passwords = Hasher(['abc', 'def']).generate()

['$2b$12$V0II5n4vIwgSbXyv1ApeAuhoAcB5pMOUnXf1e.e.qtXMaodw4KLIC', '$2b$12$3/wsn5iX.OKEfqUbrY9vceUBI4kySjWY6XpNRMybx8htKnk17OEMq']

Update the config manually.

When running via streamlit run, the page popup up normally. I enter valid creds and get Username/password is incorrect.

[jrojer]

I noticed that after I couldn't reproduce the approach in the README.

[mkhorasani]

Please ensure that you are saving the hashed passwords in the config.yaml file without any quotation marks.

[jrojer]

no quotation marks, I checked

[mkhorasani]

Can you please share your source code?

[jrojer]

cookie:
  expiry_days: 30
  key: some_signature_key
  name: some_cookie_name
credentials:
  usernames:
    dbaldwin:
      email: dbaldwin@gmail.com
      failed_login_attempts: 0
      logged_in: false
      name: David Baldwin
      password: $2b$12$V0II5n4vIwgSbXyv1ApeAuhoAcB5pMOUnXf1e.e.qtXMaodw4KLIC
    jsmith:
      email: jsmith@gmail.com
      failed_login_attempts: 0
      logged_in: true
      name: John Smith
      password: $2b$12$iWlVOac3uujRvTrXDi6wructXftKmo/GyQd6SMu5FmyX306kH.yFO
    rbriggs:
      email: rbriggs@gmail.com
      failed_login_attempts: 0
      logged_in: false
      name: Rebecca Briggs
      password: $2b$12$uNaTgvGPG9rMbzOJHYaPQePw0DUfp1qHBrSq6l4O304qani6pKFpm
    rcouper:
      email: rcouper@gmail.com
      failed_login_attempts: 0
      logged_in: false
      name: Ross Couper
      password: $2b$12$Tir/PbHVmmnt5kgNxgOwMuxNIb2fv2pJ.q71TW8ekvbugCqkye4yu
    wdewe:
      email: wedw@ew.com
      failed_login_attempts: 0
      logged_in: false
      name: dwew
      password: $2b$12$QJBPc7PxaTTBVJ.3cl4KlOPPqYCWVfaHqkk2IsoGDExXhihKZLDgy
pre-authorized:
  emails:
  - melsby@gmail.com

import yaml
import streamlit as st
from yaml.loader import SafeLoader
import streamlit_authenticator as stauth
from streamlit_authenticator.utilities.exceptions import (CredentialsError,
                                                          ForgotError,
                                                          LoginError,
                                                          RegisterError,
                                                          ResetError,
                                                          UpdateError) 

# Loading config file
with open('config.yaml', 'r', encoding='utf-8') as file:
    config = yaml.load(file, Loader=SafeLoader)

# Creating the authenticator object
authenticator = stauth.Authenticate(
    config['credentials'],
    config['cookie']['name'],
    config['cookie']['key'],
    config['cookie']['expiry_days'],
    config['pre-authorized']
)

# Creating a login widget
try:
    authenticator.login()
except LoginError as e:
    st.error(e)

if st.session_state["authentication_status"]:
    authenticator.logout()
    st.write(f'Welcome *{st.session_state["name"]}*')
    st.title('Some content')
elif st.session_state["authentication_status"] is False:
    st.error('Username/password is incorrect')
elif st.session_state["authentication_status"] is None:
    st.warning('Please enter your username and password')

# Creating a password reset widget
if st.session_state["authentication_status"]:
    try:
        if authenticator.reset_password(st.session_state["username"]):
            st.success('Password modified successfully')
    except ResetError as e:
        st.error(e)
    except CredentialsError as e:
        st.error(e)

# # Creating a new user registration widget
try:
    (email_of_registered_user,
        username_of_registered_user,
        name_of_registered_user) = authenticator.register_user(pre_authorization=False)
    if email_of_registered_user:
        st.success('User registered successfully')
except RegisterError as e:
    st.error(e)

# # Creating a forgot password widget
try:
    (username_of_forgotten_password,
        email_of_forgotten_password,
        new_random_password) = authenticator.forgot_password()
    if username_of_forgotten_password:
        st.success('New password sent securely')
        # Random password to be transferred to the user securely
    elif not username_of_forgotten_password:
        st.error('Username not found')
except ForgotError as e:
    st.error(e)

# # Creating a forgot username widget
try:
    (username_of_forgotten_username,
        email_of_forgotten_username) = authenticator.forgot_username()
    if username_of_forgotten_username:
        st.success('Username sent securely')
        # Username to be transferred to the user securely
    elif not username_of_forgotten_username:
        st.error('Email not found')
except ForgotError as e:
    st.error(e)

# # Creating an update user details widget
if st.session_state["authentication_status"]:
    try:
        if authenticator.update_user_details(st.session_state["username"]):
            st.success('Entries updated successfully')
    except UpdateError as e:
        st.error(e)

# Saving config file
with open('../config.yaml', 'w', encoding='utf-8') as file:
    yaml.dump(config, file, default_flow_style=False)

[mkhorasani]

Hmm, this is very unusual, can you please try creating a clean environment and reinstalling Streamlit-Authenticator and trying again?

[Matheus-Garbelini]

indeed seems that streamlit authenticator is not working with streamlit==1.36.0. In my case it can login, but the cookie is not saved or loaded

[Ginger-Tec]

indeed seems that streamlit authenticator is not working with streamlit==1.36.0. In my case it can login, but the cookie is not saved or loaded

I seem to be experiencing the issue on 1.36.0 as well.

[mkhorasani]

Hi @Ginger-Tec, sure I will take a look at this.

[dcbbdc]

I ran into the same issue, also on streamlit 1.36. Any update here?

This looks like a great library which I'd love to use in my projects.

[mkhorasani]

Dear @dcbbdc, @Ginger-Tec, @Matheus-Garbelini, and @jrojer, I just tested Streamlit-Authenticator with Streamlit==1.36.0 and the performance is as expected. Can you please verify that you are still facing this issue?

[dcbbdc]

@mkhorasani , unfortunately its not working for me.

I verified that I have streamlit 1.36.0 via pipenv graph | grep streamlit:

 - streamlit [required: >=1.25.0, installed: 1.36.0]

Here's my app, based on the first few steps of the tutorial here:

import yaml
from yaml.loader import SafeLoader
import streamlit as st
import streamlit_authenticator as stauth

with open('config.yaml') as file:
    config = yaml.load(file, Loader=SafeLoader)

authenticator = stauth.Authenticate(
    config['credentials'],
    config['cookie']['name'],
    config['cookie']['key'],
    config['cookie']['expiry_days'],
    config['pre-authorized']
)

authenticator.login()

if st.session_state["authentication_status"]:
    authenticator.logout()
    st.write(f'Welcome *{st.session_state["name"]}*')
    st.title('Some content')
elif st.session_state["authentication_status"] is False:
    st.error('Username/password is incorrect')
elif st.session_state["authentication_status"] is None:
    st.warning('Please enter your username and password')


# Saving config file
with open('config.yaml', 'w', encoding='utf-8') as file:
    yaml.dump(config, file, default_flow_style=False)

This is the config, copy-pasted from the tutorial (here, after the auto-hashing of the passwords):

cookie:
  expiry_days: 30
  key: some_signature_key
  name: some_cookie_name
credentials:
  usernames:
    jsmith:
      email: jsmith@gmail.com
      failed_login_attempts: 0
      logged_in: false
      name: John Smith
      password: $2b$12$5O2/kBgRIWzo0nGPjlY4QORUGpbCdf0P3Iy7O26cJFdABM6AKwd06
    rbriggs:
      email: rbriggs@gmail.com
      failed_login_attempts: 0
      logged_in: false
      name: Rebecca Briggs
      password: $2b$12$mkdFzXGyfi4.l2THszZ1beleHJSrdzfZ.b288H5v/5HduiZcz/T5W
pre-authorized:
  emails:
  - melsby@gmail.com

This is what I get (password revealed):

• I checked for extra whitespace in login and pw.
• Same issue with the user test user and password.
• Same issue on first attempt when the passwords are still plaintext in the yaml.

I'm on a Mac (14.5 (23F79)) and Chrome (Version 126.0.6478.127 (Offizieller Build) (arm64)).

Let me know if you need more info!

[chenyanbiao]

Using the username as rbriggs can simply resolve the issue. Don't use either email or name in the html but the username.

[jeromecoffin]

streamlit-authenticator: 0.3.2
streamlit : 1.36.0

Same problem here. I can get the login to work by putting a non-hashed password back into the YAML file. It is automatically hashed on the first login and works fine afterward. However, it doesn't work if I enter a password that is already hashed using streamlit_authenticator.utilities.hasher Hasher (by myself or using the example file)

[mkhorasani]

Dear all, I have refactored Streamlit-Authenticator and v0.3.3 will be released in the near future. Hopefully, this issue will be resolved. Please stay tuned.

[mkhorasani]

Dear all, I have refactored the codebase and believe that this issue may be resolved, please refer to v0.3.3.

[Volker-H]

I´ll install it in my test environment today and give it a try

[Danning666]

meet the same problem and it exists in v0.3.3 :( Sad