{"id":8687,"library":"streamlit-authenticator","title":"Streamlit Authenticator","description":"Streamlit Authenticator (current version 0.4.2) is a Python library that provides a secure authentication module to manage user access in Streamlit applications. It offers various widgets for login, logout, user registration, password reset, and user detail modification, supporting both local credential management and integration with OAuth2 providers. The library is actively maintained with frequent releases introducing new features and improvements.","status":"active","version":"0.4.2","language":"en","source_language":"en","source_url":"https://github.com/mkhorasani/Streamlit-Authenticator","tags":["streamlit","authentication","security","login","auth","webapp"],"install":[{"cmd":"pip install streamlit-authenticator","lang":"bash","label":"Install Streamlit Authenticator"}],"dependencies":[{"reason":"Core framework dependency for building web applications.","package":"streamlit","optional":false},{"reason":"Used for certain UI components and functionality, especially in older versions.","package":"extra-streamlit-components","optional":false},{"reason":"Required for loading/saving credentials from/to YAML configuration files.","package":"pyyaml","optional":false}],"imports":[{"note":"The common pattern is to import the module as 'stauth' and then access 'Authenticate' and 'Hasher' classes from it.","wrong":"from streamlit_authenticator import Authenticate","symbol":"Authenticate","correct":"import streamlit_authenticator as stauth\nauthenticator = stauth.Authenticate(...)"},{"note":"While the utility path might work, the recommended and more stable import pattern is via the top-level 'streamlit_authenticator' module as 'stauth'.","wrong":"from streamlit_authenticator.utilities import Hasher","symbol":"Hasher","correct":"import streamlit_authenticator as stauth\nhashed_passwords = stauth.Hasher(passwords).generate()"}],"quickstart":{"code":"import streamlit as st\nimport streamlit_authenticator as stauth\nimport yaml\nfrom yaml.loader import SafeLoader\n\n# --- User Credentials & Cookie Configuration (typically from config.yaml) ---\nconfig = {\n    'credentials': {\n        'usernames': {\n            'john_doe': {\n                'email': 'john@example.com',\n                'name': 'John Doe',\n                'password': 'abc' # Will be hashed if auto_hash is True\n            },\n            'rebecca_smith': {\n                'email': 'rebecca@example.com',\n                'name': 'Rebecca Smith',\n                'password': 'def'\n            }\n        }\n    },\n    'cookie': {\n        'expiry_days': 30,\n        'key': 'random_signature_key_here',\n        'name': 'my_app_cookie'\n    }\n}\n\n# To simulate loading from file (for demonstration, usually you'd load from actual config.yaml)\n# In a real app, you would load this from a persistent config.yaml file.\n# Example: with open('config.yaml') as file:\n#              config = yaml.load(file, Loader=SafeLoader)\n\n# Hash passwords only if not already hashed (auto_hash=True by default in Authenticate)\n# You can pre-hash them explicitly if you wish:\n# for username, user_data in config['credentials']['usernames'].items():\n#    user_data['password'] = stauth.Hasher([user_data['password']]).generate()[0]\n\n# --- Initialize Authenticator ---\nauthenticator = stauth.Authenticate(\n    config['credentials'],\n    config['cookie']['name'],\n    config['cookie']['key'],\n    config['cookie']['expiry_days'],\n    # api_key=os.environ.get('STREAMLIT_AUTH_API_KEY', None) # For 2FA/email features\n)\n\n# --- Login Widget ---\nname, authentication_status, username = authenticator.login('Login', 'main')\n\nif authentication_status == False:\n    st.error('Username/password is incorrect')\nelif authentication_status == None:\n    st.warning('Please enter your username and password')\nelif authentication_status:\n    # --- Main App Content for Authenticated Users ---\n    authenticator.logout('Logout', 'main')\n    st.write(f'Welcome *{name}*')\n    st.title('Application Content')\n    st.write('This content is only visible to authenticated users.')\n\n    # Example of accessing user info from session state\n    # st.write(f\"Current user: {st.session_state['username']}\")\n    # st.write(f\"Authentication status: {st.session_state['authentication_status']}\")\n","lang":"python","description":"This quickstart demonstrates how to set up basic username/password authentication using `streamlit-authenticator`. It initializes the authenticator with credentials (hardcoded for brevity, but typically loaded from a `config.yaml` file), displays a login widget, and then shows protected content upon successful authentication. It also includes a logout button. For a real application, replace hardcoded `config` with loading from a `config.yaml` and consider storing sensitive keys in environment variables."},"warnings":[{"fix":"Update your `Authenticate` initialization to pass a single dictionary for `credentials` (or a file path) that includes usernames, names, and passwords. Refer to the latest documentation for the correct structure. For example, `stauth.Authenticate(config['credentials'], ...)` where `config` is loaded from a YAML file.","message":"The `Authenticate` class constructor parameters changed significantly between versions (e.g., from v0.3.x to v0.4.x). The `credentials` parameter now expects a dictionary or a path to a config file, rather than separate lists for names, usernames, and hashed passwords.","severity":"breaking","affected_versions":">=0.4.0"},{"fix":"If you were using `pre_authorized`, remove it from the `Authenticate` constructor and pass it as a parameter when calling `authenticator.register_user(...)` instead.","message":"The `pre_authorized` list was removed from the `Authenticate` class constructor in v0.4.1 and is now handled directly by the `register_user` widget as a parameter.","severity":"breaking","affected_versions":">=0.4.1"},{"fix":"Store the initialized `authenticator` object in `st.session_state` on your main page and access it from other pages. Always provide unique `key` arguments to all `streamlit-authenticator` widgets in multi-page apps.","message":"For multi-page Streamlit applications, it is crucial to pass the `authenticator` object to each page (e.g., via `st.session_state`) and ensure `key` parameters are unique for widgets across pages to prevent `DuplicateWidgetID` errors.","severity":"gotcha","affected_versions":"All versions"},{"fix":"Register for an API key at `stauthenticator.com` and provide it to the `Authenticate` class during initialization, either directly or within your configuration dictionary.","message":"Enabling two-factor authentication or email features (e.g., for password reset) in v0.4.2 requires registering for a free API key and passing it to the `Authenticate` constructor via the `api_key` parameter or in the config file.","severity":"gotcha","affected_versions":">=0.4.2"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Ensure you are initializing `stauth.Authenticate` with the correct signature for your version. For v0.4.x+, this usually means passing `config['credentials'], config['cookie']['name'], config['cookie']['key'], config['cookie']['expiry_days']` (or simply `config['credentials']` and other cookie params directly if not loading from file).","cause":"This error typically occurs when migrating from older versions (e.g., pre-0.4.0) where `Authenticate` expected separate arguments for credentials and cookie settings, to newer versions where a single `config` dictionary (or path) is preferred, or when attempting to pass the credentials list and then the config dict.","error":"TypeError: Authenticate.init() got multiple values for argument 'cookie_expiry_days'"},{"fix":"Verify that the `credentials` argument passed to `stauth.Authenticate` is a dictionary with 'usernames' as a key, and that 'usernames' itself maps to a dictionary of user objects, as per the current documentation's YAML structure.","cause":"This error often arises when the `credentials` dictionary (or what's treated as credentials) is expected to be a dictionary of usernames but receives a list, especially if an older quickstart pattern is followed with a new library version.","error":"TypeError: list indices must be integers or slices, not str"},{"fix":"Double-check your `config.yaml` file structure. Ensure it has a top-level `credentials` key, which then contains the `usernames` dictionary with user details. Also, confirm the YAML file is correctly loaded.","cause":"The authenticator attempts to access `config['credentials']` but the `config` dictionary (often loaded from YAML) is either empty, malformed, or the 'credentials' key is missing.","error":"KeyError: 'credentials'"},{"fix":"Review the `stauth.Authenticate()` initialization parameters for correctness (credentials, cookie details). Also ensure your Streamlit environment is up-to-date and that `streamlit-authenticator` is installed correctly.","cause":"This message might appear if the `authenticator.login()` call is made with invalid parameters, or if the `authenticator` object itself was not initialized correctly, leading to the widget failing to render.","error":"Login form did not render correctly. Check your configuration."}]}