{"id":14959552,"url":"https://github.com/mkhorasani/streamlit-authenticator","last_synced_at":"2025-05-13T17:04:57.502Z","repository":{"id":37729286,"uuid":"425326259","full_name":"mkhorasani/Streamlit-Authenticator","owner":"mkhorasani","description":"A secure authentication module to manage user access in a Streamlit application.","archived":false,"fork":false,"pushed_at":"2025-04-23T16:31:30.000Z","size":4594,"stargazers_count":1872,"open_issues_count":46,"forks_count":280,"subscribers_count":18,"default_branch":"main","last_synced_at":"2025-04-24T01:51:16.355Z","etag":null,"topics":["2fa","authentication","oauth2","python","streamlit","streamlit-component"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mkhorasani.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-11-06T19:06:18.000Z","updated_at":"2025-04-23T16:31:35.000Z","dependencies_parsed_at":"2024-02-14T08:29:46.361Z","dependency_job_id":"df3fb4ff-f0ee-41c8-9e71-12618fcc2754","html_url":"https://github.com/mkhorasani/Streamlit-Authenticator","commit_stats":{"total_commits":226,"total_committers":5,"mean_commits":45.2,"dds":0.03982300884955747,"last_synced_commit":"4d066cbf70c0d596199dbc31380fc5e5383147f6"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mkhorasani%2FStreamlit-Authenticator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mkhorasani%2FStreamlit-Authenticator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mkhorasani%2FStreamlit-Authenticator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mkhorasani%2FStreamlit-Authenticator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mkhorasani","download_url":"https://codeload.github.com/mkhorasani/Streamlit-Authenticator/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253990460,"owners_count":21995774,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","authentication","oauth2","python","streamlit","streamlit-component"],"created_at":"2024-09-24T13:19:59.423Z","updated_at":"2025-05-13T17:04:57.476Z","avatar_url":"https://github.com/mkhorasani.png","language":"Python","readme":"\u003cimg src=\"https://raw.githubusercontent.com/mkhorasani/Streamlit-Authenticator/main/graphics/logo.png\" alt=\"Streamlit Authenticator logo\" style=\"margin-top:50px;width:450px\"\u003e\u003c/img\u003e\n\u003c!--- [![Downloads](https://pepy.tech/badge/streamlit-authenticator)](https://pepy.tech/project/streamlit-authenticator) ---\u003e\n\u003c!--- [![\"Buy Me A Coffee\"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/khorasani) ---\u003e\n\n**A secure authentication module to manage user access in a Streamlit application**\n\n[![Downloads](https://static.pepy.tech/badge/streamlit-authenticator)](https://pepy.tech/project/streamlit-authenticator)\n[![Downloads](https://static.pepy.tech/badge/streamlit-authenticator/month)](https://pepy.tech/project/streamlit-authenticator)\n[![Downloads](https://static.pepy.tech/badge/streamlit-authenticator/week)](https://pepy.tech/project/streamlit-authenticator)\n\u003c!--- \u003cbr/\u003e\u003cbr/\u003e\u003cbr/\u003e ---?\n\u003c!--- \u003ca href=\"http://tinyurl.com/2p8mw32d\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/mkhorasani/streamlit_authenticator_test/main/Web%20App%20Web%20Dev%20with%20Streamlit%20-%20Cover.png\" width=\"300\" height=\"450\"\u003e ---\u003e\n\n\u003c!--- ###### _To learn more please refer to my book [Web Application Development with Streamlit](http://tinyurl.com/2p8mw32d)._ ---\u003e\n\n## Table of Contents\n- [Quickstart](#1-quickstart)\n- [Installation](#2-installation)\n- [Creating a config file](#3-creating-a-config-file)\n- [Setup](#4-setup)\n- [Creating a login widget](#5-creating-a-login-widget)\n- [Creating a guest login widget](#6-creating-a-guest-login-widget) 🚀 **NEW**\n- [Authenticating users](#7-authenticating-users)\n- [Enabling two factor authentication](#8-enabling-two-factor-authentication) 🚀 **NEW**\n- [Creating a reset password widget](#9-creating-a-reset-password-widget)\n- [Creating a new user registration widget](#10-creating-a-new-user-registration-widget)\n- [Creating a forgot password widget](#11-creating-a-forgot-password-widget)\n- [Creating a forgot username widget](#12-creating-a-forgot-username-widget)\n- [Creating an update user details widget](#13-creating-an-update-user-details-widget)\n- [Updating the config file](#14-updating-the-config-file)\n- [License](#license)\n\n### 1. Quickstart\n\n* Subscribe to receive a free [API key](https://stauthenticator.com/)\n* Check out the [demo app](https://st-demo-application.streamlit.app/).\n* Feel free to visit the [API reference](https://streamlit-authenticator.readthedocs.io/en/stable/).\n* And finally follow the tutorial below.\n\n### 2. Installation\n\nStreamlit-Authenticator is distributed via [PyPI](https://pypi.org/project/streamlit-authenticator/):\n\n```python\npip install streamlit-authenticator\n```\n\nUsing Streamlit-Authenticator is as simple as importing the module and calling it to verify your user's credentials.\n\n```python\nimport streamlit as st\nimport streamlit_authenticator as stauth\n```\n\n### 3. Creating a config file\n\n* Create a YAML config file and add to it your user's credentials: including username, email, first name, last name, and password (plain text passwords will be hashed automatically).\n* Enter a name, random key, and number of days to expiry, for a re-authentication cookie that will be stored on the client's browser to enable password-less re-authentication. If you do not require re-authentication, you may set the number of days to expiry to 0.\n* Define an optional list of pre-authorized emails of users who are allowed to register and add their credentials to the config file using the **register_user** widget.\n* Add the optional configuration parameters for OAuth2 if you wish to use the **experimental_guest_login** button.\n* **_Please remember to update the config file (as shown in step 14) whenever the contents are modified or after using any of the widgets or buttons._**\n\n```python\ncookie:\n  expiry_days: 30\n  key: # To be filled with any string\n  name: # To be filled with any string\ncredentials:\n  usernames:\n    jsmith:\n      email: jsmith@gmail.com\n      failed_login_attempts: 0 # Will be managed automatically\n      first_name: John\n      last_name: Smith\n      logged_in: False # Will be managed automatically\n      password: abc # Will be hashed automatically\n      roles: # Optional\n      - admin\n      - editor\n      - viewer\n    rbriggs:\n      email: rbriggs@gmail.com\n      failed_login_attempts: 0 # Will be managed automatically\n      first_name: Rebecca\n      last_name: Briggs\n      logged_in: False # Will be managed automatically\n      password: def # Will be hashed automatically\n      roles: # Optional\n      - viewer\noauth2: # Optional\n  google: # Follow instructions: https://developers.google.com/identity/protocols/oauth2\n    client_id: # To be filled\n    client_secret: # To be filled\n    redirect_uri: # URL to redirect to after OAuth2 authentication\n  microsoft: # Follow instructions: https://learn.microsoft.com/en-us/graph/auth-register-app-v2\n    client_id: # To be filled\n    client_secret: # To be filled\n    redirect_uri: # URL to redirect to after OAuth2 authentication\n    tenant_id: # To be filled\npre-authorized: # Optional\n  emails:\n  - melsby@gmail.com\napi_key: # Optional - register to receive a free API key: https://stauthenticator.com\n```\n\n* _Please note that the 'failed_login_attempts' and 'logged_in' fields corresponding to each user's number of failed login attempts and log-in status in the credentials will be added and managed automatically._\n\n### 4. Setup\n\n* Subsequently import the config file into your script and create an authentication object.\n\n```python\nimport yaml\nfrom yaml.loader import SafeLoader\n\nwith open('../config.yaml') as file:\n    config = yaml.load(file, Loader=SafeLoader)\n\n# Pre-hashing all plain text passwords once\n# stauth.Hasher.hash_passwords(config['credentials'])\n\nauthenticator = stauth.Authenticate(\n    config['credentials'],\n    config['cookie']['name'],\n    config['cookie']['key'],\n    config['cookie']['expiry_days']\n)\n```\n\n* Plain text passwords will be hashed automatically by default, however, for a large number of users it is recommended to pre-hash the passwords in the credentials using the **Hasher.hash_passwords** function.\n* If you choose to pre-hash the passwords, please set the **auto_hash** parameter in the **Authenticate** class to False.\n\n\u003e ### Hasher.hash_passwords\n\u003e #### Parameters:\n\u003e  - **credentials:** _dict_\n\u003e    - The credentials dict with plain text passwords.\n\u003e #### Returns:\n\u003e - _dict_\n\u003e   - The credentials dict with hashed passwords.\n\n\u003e ### Authenticate\n\u003e #### Parameters:\n\u003e  - **credentials:** _dict, str_\n\u003e    - Dictionary with the usernames, names, passwords, and emails, and other user data, or path pointing to the location of the config file.\n\u003e  - **cookie_name:** _str_\n\u003e    - Specifies the name of the re-authentication cookie stored on the client's browser for password-less re-authentication.\n\u003e  - **cookie_key:** _str_\n\u003e    - Specifies the key that will be used to hash the signature of the re-authentication cookie.\n\u003e  - **cookie_expiry_days:** _float, default 30.0_\n\u003e    - Specifies the number of days before the re-authentication cookie automatically expires on the client's browser.\n\u003e  - **validator:** _Validator, optional, default None_\n\u003e    - Provides a validator object that will check the validity of the username, name, and email fields.\n\u003e  - **auto_hash:** _bool, default True_\n\u003e    - Automatic hashing requirement for passwords, True: plain text passwords will be hashed automatically, False: plain text passwords will not be hashed automatically.\n\u003e  - **api_key:** _str, optional, default None_\n\u003e    - API key used to connect to the cloud server to send two factor authorization codes, reset passwords, and forgotten usernames to the user by email.\n\u003e  - ****kwargs:** _dict, optional_\n\u003e    - Arguments to pass to the Authenticate class.\n\n* **_Please remember to pass the authenticator object to each and every page in a multi-page application as a session state variable._**\n\n### 5. Creating a login widget\n\n* You can render the **login** widget as follows.\n\n```python\ntry:\n    authenticator.login()\nexcept Exception as e:\n    st.error(e)\n```\n\n\u003e ### Authenticate.login\n\u003e #### Parameters:\n\u003e  - **location:** _str, {'main', 'sidebar', 'unrendered'}, default 'main'_\n\u003e    - Specifies the location of the login widget.\n\u003e  - **max_concurrent_users:** _int, optional, default None_\n\u003e    - Limits the number of concurrent users. If not specified there will be no limit to the number of concurrently logged in users.\n\u003e  - **max_login_attempts:** _int, optional, default None_\n\u003e    - Limits the number of failed login attempts. If not specified there will be no limit to the number of failed login attempts.\n\u003e  - **fields:** _dict, optional, default {'Form name':'Login', 'Username':'Username', 'Password':'Password', 'Login':'Login', 'Captcha':'Captcha'}_\n\u003e    - Customizes the text of headers, buttons and other fields.\n\u003e  - **captcha:** _bool, default False_\n\u003e    - Specifies the captcha requirement for the login widget, True: captcha required, False: captcha removed.\n\u003e  - **single_session:** _bool, default False_\n\u003e    - Disables the ability for the same user to log in multiple sessions, True: single session allowed, False: multiple sessions allowed.\n\u003e  - **clear_on_submit:** _bool, default False_\n\u003e    - Specifies the clear on submit setting, True: clears inputs on submit, False: keeps inputs on submit.\n\u003e  - **key:** _str, default 'Login'_\n\u003e    - Unique key provided to widget to avoid duplicate WidgetID errors.\n\u003e  - **callback:** _callable, optional, default None_\n\u003e    - Callback function that will be invoked on form submission with a dict as a parameter.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/login_form.JPG)\n\n* **_Please remember to re-invoke an 'unrendered' login widget on each and every page in a multi-page application._**\n* **_Please remember to update the config file (as shown in step 14) after you use this widget._**\n\n### 6. Creating a guest login widget\n\n* You may use the **experimental_guest_login** button to log in non-registered users with their Google or Microsoft accounts using OAuth2.\n* To create the client ID and client secret parameters for Google OAuth2 please refer to [Google's documentation](https://developers.google.com/identity/protocols/oauth2).\n* To create the client ID, client secret, and tenant ID parameters for Microsoft OAuth2 please refer to [Microsoft's documentation](https://learn.microsoft.com/en-us/graph/auth-register-app-v2).\n* Once you have created the OAuth2 configuration parameters, add them to the config file as shown in step 3.\n\n```python\ntry:\n    authenticator.experimental_guest_login('Login with Google',\n                                           provider='google',\n                                           oauth2=config['oauth2'])\n    authenticator.experimental_guest_login('Login with Microsoft',\n                                           provider='microsoft',\n                                           oauth2=config['oauth2'])\nexcept Exception as e:\n    st.error(e)\n```\n\n\u003e ### Authenticate.experimental_guest_login\n\u003e #### Parameters:\n\u003e  - **button_name:** _str, default 'Guest login'_\n\u003e    - Rendered name of the guest login button.\n\u003e  - **location:** _str, {'main', 'sidebar'}, default 'main'_\n\u003e    - Specifies the location of the guest login button.\n\u003e  - **provider:** _str, {'google', 'microsoft'}, default 'google'_\n\u003e    - Selection for OAuth2 provider, Google or Microsoft.\n\u003e  - **oauth2:** _dict, optional, default None_\n\u003e    - Configuration parameters to implement an OAuth2 authentication.\n\u003e  - **max_concurrent_users:** _int, optional, default None_\n\u003e    - Limits the number of concurrent users. If not specified there will be no limit to the number of concurrently logged in users.\n\u003e  - **single_session:** _bool, default False_\n\u003e    - Disables the ability for the same user to log in multiple sessions, True: single session allowed, False: multiple sessions allowed.\n\u003e  - **roles:** _list, optional, default None_\n\u003e    - User roles for guest users.\n\u003e  - **use_container_width:** _bool, default False_\n\u003e    - Button width setting, True: width will match container, False: width will fit to button contents.\n\u003e  - **callback:** _callable, optional, default None_\n\u003e    - Callback function that will be invoked on button press with a dict as a parameter.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/guest_login_buttons.JPG)\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/guest_login_google.JPG)\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/guest_login_microsoft.JPG)\n\n* Please note that upon successful login, the guest user's name, email, and other information will be registered in the credentials dictionary and their re-authentication cookie will be saved automatically.\n* **_Please remember to update the config file (as shown in step 14) after you use this widget._**\n\n### 7. Authenticating users\n\n* You can then retrieve the name, authentication status, username, and roles from Streamlit's session state using the keys **'name'**, **'authentication_status'**, **'username'**, and **'roles'** to allow a verified user to access restricted content.\n* You may also render a logout button, or may choose not to render the button if you only need to implement the logout logic programmatically.\n* The optional **key** parameter for the logout button should be used with multi-page applications to prevent Streamlit from throwing duplicate key errors.\n\n```python\nif st.session_state.get('authentication_status'):\n    authenticator.logout()\n    st.write(f'Welcome *{st.session_state.get(\"name\")}*')\n    st.title('Some content')\nelif st.session_state.get('authentication_status') is False:\n    st.error('Username/password is incorrect')\nelif st.session_state.get('authentication_status') is None:\n    st.warning('Please enter your username and password')\n```\n\n\u003e ### Authenticate.logout\n\u003e #### Parameters:\n\u003e  - **button_name:** _str, default 'Logout'_\n\u003e    - Customizes the button name.\n\u003e  - **location:** _str, {'main', 'sidebar', 'unrendered'}, default 'main'_\n\u003e    - Specifies the location of the logout button. If 'unrendered' is passed, the logout logic will be executed without rendering the button.\n\u003e  - **key:** _str, default None_\n\u003e    - Unique key that should be used in multi-page applications.\n\u003e  - **use_container_width:** _bool, default False_\n\u003e    - Button width setting, True: width will match container, False: width will fit to button contents.\n\u003e  - **callback:** _callable, optional, default None_\n\u003e    - Callback function that will be invoked on form submission with a dict as a parameter.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/logged_in.JPG)\n\n* Or prompt an unverified user to enter a correct username and password.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/incorrect_login.JPG)\n\n* You may also retrieve the number of failed login attempts a user has made by accessing **st.session_state.get('failed_login_attempts')** which returns a dictionary with the username as key and the number of failed attempts as the value.\n\n### 8. Enabling two factor authentication\n\n* You may enable two factor authentication for the **register_user**, **forgot_password**, and **forgot_username** widgets for enhanced security.\n* First register to receive a free API key [here](https://stauthenticator.com/).\n* Then add your API key to the the authenticator object as **api_key** or alternatively add it to the config file as shown in step 3.\n* Finally set the **two_factor_auth** parameter for the widget to True, this will prompt the user to enter a four digit code sent to their email.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/two_factor_authentication.JPG)\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/two_factor_authentication_email.JPG)\n\n* For the **forgot_password** and **forgot_username** widgets if you require the returned password and username to be sent to the user's email then you may set the **send_email** parameter to True.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/two_factor_authentication_email_password.JPG)\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/two_factor_authentication_email_username.JPG)\n\n* **_Please check your spam folder to ensure emails are not being filtered._**\n\n### 9. Creating a reset password widget\n\n* You may use the **reset_password** widget to allow a logged in user to modify their password as shown below.\n\n```python\nif st.session_state.get('authentication_status'):\n    try:\n        if authenticator.reset_password(st.session_state.get('username')):\n            st.success('Password modified successfully')\n    except Exception as e:\n        st.error(e)\n```\n\n\u003e ### Authenticate.reset_password\n\u003e #### Parameters:\n\u003e  - **username:** _str_\n\u003e    - Specifies the username of the user to reset the password for.\n\u003e  - **location:** _str, {'main', 'sidebar'}, default 'main'_\n\u003e    - Specifies the location of the reset password widget.\n\u003e  - **fields:** _dict, optional, default {'Form name':'Reset password', 'Current password':'Current password', 'New password':'New password', 'Repeat password': 'Repeat password', 'Reset':'Reset'}_\n\u003e    - Customizes the text of headers, buttons and other fields.\n\u003e  - **clear_on_submit:** _bool, default False_\n\u003e    - Specifies the clear on submit setting, True: clears inputs on submit, False: keeps inputs on submit.\n\u003e  - **key:** _str, default 'Reset password'_\n\u003e    - Unique key provided to widget to avoid duplicate WidgetID errors.\n\u003e  - **callback:** _callable, optional, default None_\n\u003e    - Callback function that will be invoked on form submission with a dict as a parameter.\n\u003e #### Returns::\n\u003e - _bool_\n\u003e   - Status of resetting the password.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/reset_password.JPG)\n\n* **_Please remember to update the config file (as shown in step 14) after you use this widget._**\n\n### 10. Creating a new user registration widget\n\n* You may use the **register_user** widget to allow a user to sign up to your application as shown below.\n* If you require the user to be pre-authorized, define a **pre_authorized** list of emails that are allowed to register, and add it to the config file or provide it as a parameter to the **register_user** widget.\n* Once they have registered, their email will be automatically removed from the **pre_authorized** list.\n* Alternatively, to allow anyone to sign up, do not provide a **pre_authorized** list.\n\n```python\ntry:\n    email_of_registered_user, \\\n    username_of_registered_user, \\\n    name_of_registered_user = authenticator.register_user(pre_authorized=config['pre-authorized']['emails'])\n    if email_of_registered_user:\n        st.success('User registered successfully')\nexcept Exception as e:\n    st.error(e)\n```\n\n\u003e ### Authenticate.register_user\n\u003e #### Parameters:\n\u003e  - **location:** _str, {'main', 'sidebar'}, default 'main'_\n\u003e    - Specifies the location of the register user widget.\n\u003e  - **pre_authorized:** _list, optional, default None_\n\u003e    - List of emails of unregistered users who are authorized to register. If no list is provided, all users will be allowed to register.\n\u003e  - **domains:** _list, optional, default None_\n\u003e    - Specifies the required list of domains a new email must belong to i.e. ['gmail.com', 'yahoo.com'], list: the required list of domains, None: any domain is allowed.\n\u003e  - **fields:** _dict, optional, default {'Form name':'Register user', 'Email':'Email', 'Username':'Username', 'Password':'Password', 'Repeat password':'Repeat password', 'Password hint':'Password hint', 'Captcha':'Captcha', 'Register':'Register'}_\n\u003e    - Customizes the text of headers, buttons and other fields.\n\u003e  - **captcha:** _bool, default True_\n\u003e    - Specifies the captcha requirement for the register user widget, True: captcha required, False: captcha removed.\n\u003e  - **roles:** _list, optional, default None_\n\u003e    - User roles for registered users.\n\u003e  - **merge_username_email:** _bool, default False_\n\u003e    - Merges username into email field, True: username will be the same as the email, False: username and email will be independent.\n\u003e  - **password_hint:** _bool, default True_\n\u003e    - Requirement for entering a password hint, True: password hint field added, False: password hint field removed.\n\u003e  - **two_factor_auth:** _bool, default False_\n\u003e    - Specifies whether to enable two factor authentication for the forgot password widget, True: two factor authentication enabled, False: two factor authentication disabled.\n\u003e  - **clear_on_submit:** _bool, default False_\n\u003e    - Specifies the clear on submit setting, True: clears inputs on submit, False: keeps inputs on submit.\n\u003e  - **key:** _str, default 'Register user'_\n\u003e    - Unique key provided to widget to avoid duplicate WidgetID errors.\n\u003e  - **callback:** _callable, optional, default None_\n\u003e    - Callback function that will be invoked on form submission with a dict as a parameter.\n\u003e #### Returns:\n\u003e - _str_\n\u003e   - Email associated with the new user.\n\u003e - _str_\n\u003e   - Username associated with the new user.\n\u003e - _str_\n\u003e   - Name associated with the new user.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/register_user.JPG)\n\n* **_Please remember to update the config file (as shown in step 14) after you use this widget._**\n\n### 11. Creating a forgot password widget\n\n* You may use the **forgot_password** widget to allow a user to generate a new random password.\n* The new password will be automatically hashed and saved in the credentials dictionary.\n* The widget will return the username, email, and new random password which the developer can then transfer to the user securely using the send email feature shown in step 8.\n\n```python\ntry:\n    username_of_forgotten_password, \\\n    email_of_forgotten_password, \\\n    new_random_password = authenticator.forgot_password()\n    if username_of_forgotten_password:\n        st.success('New password to be sent securely')\n        # To securely transfer the new password to the user please see step 8.\n    elif username_of_forgotten_password == False:\n        st.error('Username not found')\nexcept Exception as e:\n    st.error(e)\n```\n\n\u003e ### Authenticate.forgot_password\n\u003e #### Parameters\n\u003e  - **location:** _str, {'main', 'sidebar'}, default 'main'_\n\u003e    - Specifies the location of the forgot password widget.\n\u003e  - **fields:** _dict, optional, default {'Form name':'Forgot password', 'Username':'Username',  'Captcha':'Captcha', 'Submit':'Submit'}_\n\u003e    - Customizes the text of headers, buttons and other fields.\n\u003e  - **captcha:** _bool, default False_\n\u003e    - Specifies the captcha requirement for the forgot password widget, True: captcha required, False: captcha removed.\n\u003e  - **send_email:** _bool, default False_\n\u003e    - Specifies whether to send the generated password to the user's email, True: password will be sent to user's email, False: password will not be sent to user's email.\n\u003e  - **two_factor_auth:** _bool, default False_\n\u003e    - Specifies whether to enable two factor authentication for the forgot password widget, True: two factor authentication enabled, False: two factor authentication disabled.\n\u003e  - **clear_on_submit:** _bool, default False_\n\u003e    - Specifies the clear on submit setting, True: clears inputs on submit, False: keeps inputs on submit.\n\u003e  - **key:** _str, default 'Forgot password'_\n\u003e    - Unique key provided to widget to avoid duplicate WidgetID errors.\n\u003e  - **callback:** _callable, optional, default None_\n\u003e    - Callback function that will be invoked on form submission with a dict as a parameter.\n\u003e #### Returns:\n\u003e - _str_\n\u003e   - Username associated with the forgotten password.\n\u003e - _str_\n\u003e   - Email associated with the forgotten password.\n\u003e - _str_\n\u003e   - New plain text password that should be transferred to the user securely.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/forgot_password.JPG)\n\n* **_Please remember to update the config file (as shown in step 14) after you use this widget._**\n\n### 12. Creating a forgot username widget\n\n* You may use the **forgot_username** widget to allow a user to retrieve their forgotten username.\n* The widget will return the username and email which the developer can then transfer to the user securely using the send email feature shown in step 8.\n\n```python\ntry:\n    username_of_forgotten_username, \\\n    email_of_forgotten_username = authenticator.forgot_username()\n    if username_of_forgotten_username:\n        st.success('Username to be sent securely')\n        # To securely transfer the username to the user please see step 8.\n    elif username_of_forgotten_username == False:\n        st.error('Email not found')\nexcept Exception as e:\n    st.error(e)\n```\n\n\u003e ### Authenticate.forgot_username\n\u003e #### Parameters\n\u003e  - **location:** _str, {'main', 'sidebar'}, default 'main'_\n\u003e    - Specifies the location of the forgot username widget.\n\u003e  - **fields:** _dict, optional, default {'Form name':'Forgot username', 'Email':'Email', 'Captcha':'Captcha', 'Submit':'Submit'}_\n\u003e    - Customizes the text of headers, buttons and other fields.\n\u003e  - **captcha:** _bool, default False_\n\u003e    - Specifies the captcha requirement for the forgot username widget, True: captcha required, False: captcha removed.\n\u003e  - **send_email:** _bool, default False_\n\u003e    - Specifies whether to send the retrieved username to the user's email, True: username will be sent to user's email, False: username will not be sent to user's email.\n\u003e  - **two_factor_auth:** _bool, default False_\n\u003e    - Specifies whether to enable two factor authentication for the forgot username widget, True: two factor authentication enabled, False: two factor authentication disabled.\n\u003e  - **clear_on_submit:** _bool, default False_\n\u003e    - Specifies the clear on submit setting, True: clears inputs on submit, False: keeps inputs on submit.\n\u003e  - **key:** _str, default 'Forgot username'_\n\u003e    - Unique key provided to widget to avoid duplicate WidgetID errors.\n\u003e  - **callback:** _callable, optional, default None_\n\u003e    - Callback function that will be invoked on form submission with a dict as a parameter.\n\u003e #### Returns:\n\u003e - _str_\n\u003e   - Forgotten username that should be transferred to the user securely.\n\u003e - _str_\n\u003e   - Email associated with the forgotten username.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/forgot_username.JPG)\n\n### 13. Creating an update user details widget\n\n* You may use the **update_user_details** widget to allow a logged in user to update their name and/or email.\n* The widget will automatically save the updated details in both the credentials dictionary and re-authentication cookie.\n\n```python\nif st.session_state.get('authentication_status'):\n    try:\n        if authenticator.update_user_details(st.session_state.get('username')):\n            st.success('Entries updated successfully')\n    except Exception as e:\n        st.error(e)\n```\n\n\u003e ### Authenticate.update_user_details\n\u003e #### Parameters\n\u003e  - **username:** _str_\n\u003e    - Specifies the username of the user to update user details for.\n\u003e  - **location:** _str, {'main', 'sidebar'}, default 'main'_\n\u003e    - Specifies the location of the update user details widget.\n\u003e  - **fields:** _dict, optional, default {'Form name':'Update user details', 'Field':'Field', 'First name':'First name', 'Last name':'Last name', 'Email':'Email', 'New value':'New value', 'Update':'Update'}_\n\u003e    - Customizes the text of headers, buttons and other fields.\n\u003e  - **clear_on_submit:** _bool, default False_\n\u003e    - Specifies the clear on submit setting, True: clears inputs on submit, False: keeps inputs on submit.\n\u003e  - **key:** _str, default 'Update user details'_\n\u003e    - Unique key provided to widget to avoid duplicate WidgetID errors.\n\u003e  - **callback:** _callable, optional, default None_\n\u003e    - Callback function that will be invoked on form submission with a dict as a parameter.\n\u003e #### Returns:\n\u003e - _bool_\n\u003e   - Status of updating the user details.\n\n![](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/graphics/update_user_details.JPG)\n\n* **_Please remember to update the config file (as shown in step 14) after you use this widget._**\n\n### 14. Updating the config file\n\n* Please ensure that the config file is re-saved whenever the contents are modified or after using any of the widgets or buttons.\n\n```python\nwith open('../config.yaml', 'w') as file:\n    yaml.dump(config, file, default_flow_style=False, allow_unicode=True)\n```\n* Please note that this step is not required if you are providing the config file as a path to the **Authenticate** class.\n  \n## License\n\nThis project is proprietary software. The use of this software is governed by the terms specified in the [LICENSE](https://github.com/mkhorasani/Streamlit-Authenticator/blob/main/LICENSE) file. Unauthorized copying, modification, or distribution of this software is prohibited.\n","funding_links":["https://www.buymeacoffee.com/khorasani"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmkhorasani%2Fstreamlit-authenticator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmkhorasani%2Fstreamlit-authenticator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmkhorasani%2Fstreamlit-authenticator/lists"}