gradio icon indicating copy to clipboard operation
gradio copied to clipboard

Published 20 hours ago • verified publisher icon gradio-app

Request for Adding Logout Functionality

Open YuminosukeSato opened this issue 2 years ago • 5 comments

  • [x] I have searched to see if a similar issue already exists. Is your feature request related to a problem? Please describe. I often find it inconvenient when using Gradio that there isn't a way to log out from the system once I'm done using it. This creates a potential security risk, especially when using shared computers or public networks.

Describe the solution you'd like I would appreciate it if a logout functionality could be implemented in Gradio. This would allow users to securely log out after they have finished using the platform, ensuring that their sensitive information and session data are properly cleared.

Additional context It would be helpful if the logout option could be easily accessible from the user interface, perhaps in the form of a profile or account settings menu. This feature would enhance the overall user experience and provide an added layer of security to the application. Screenshots or mockups demonstrating the proposed logout feature's placement and design might be beneficial for consideration.

YuminosukeSato avatar Aug 10 '23 03:08 YuminosukeSato

Hi, Modifing the routes.py file in gradio adding the following code , makes the logout button work.

@app.get("/logout")
        def logout():
            response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND)
            response.delete_cookie(key=f"access-token-{app.cookie_id}")
            response.delete_cookie(key=f"access-token-unsecure-{app.cookie_id}")
            return response

Wonder if theres anyway to do that from main app withou modifing gradio files.

arieltoledo avatar Nov 27 '23 13:11 arieltoledo

Hello. Any progress on this issue?

ODENSUKI avatar Jan 10 '24 04:01 ODENSUKI

Hi, Modifing the routes.py file in gradio adding the following code , makes the logout button work.

@app.get("/logout")
        def logout():
            response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND)
            response.delete_cookie(key=f"access-token-{app.cookie_id}")
            response.delete_cookie(key=f"access-token-unsecure-{app.cookie_id}")
            return response

Wonder if theres anyway to do that from main app withou modifing gradio files.

This solution does not work for me. The current user is still logged in if the button is clicked. Is there anything that you do (e.g. to the event listener of the logout button) other than only modifying the routes.py?

yosephinestwn avatar Jan 16 '24 15:01 yosephinestwn

Hi, Modifing the routes.py file in gradio adding the following code , makes the logout button work.

@app.get("/logout")
        def logout():
            response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND)
            response.delete_cookie(key=f"access-token-{app.cookie_id}")
            response.delete_cookie(key=f"access-token-unsecure-{app.cookie_id}")
            return response

Wonder if theres anyway to do that from main app withou modifing gradio files.

This solution also did not work for me.

I've managed to make it work with a simple change:

      @app.get("/logout")
        def logout():
            response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND)
            response.delete_cookie(key=f"access-token")
            response.delete_cookie(key=f"access-token-unsecure")
            print("Logout user!")
            return response

And added a button on the app:

gr.Button("Logout", link="/logout")

cpatrickalves avatar Jan 26 '24 16:01 cpatrickalves

Wonder if theres anyway to do that from main app withou modifing gradio files.

I created a FastAPI app with a logout api and mounted my gradio app onto it. Using gradio's auth system when mounted on a FastAPI does not appear supported either, so I had to hack that in. I don't use the FastAPI for anything else, but it was a seamless transition. Also for me the session key was added to the cookie names (perhaps in a new version), so that code had to change a bit. Code below if it helps anyone!

    with (gr.Blocks() as gradio_app):
        gr.Button("Logout", link="/logout", scale=0, min_width=50)

    gradio_app.auth = [(<username>, <pw>)]
    gradio_app.auth_message = ''
    app = FastAPI()

    @app.get("/logout")
    def logout(request: Request):
        response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND)
        cookies = request.cookies
        for cookie in cookies:
            if cookie.startswith('access-token'):
                response.delete_cookie(cookie)
        print("Logout user!")
        return response

    app = gr.mount_gradio_app(app, gradio_app, path='/')
    uvicorn.run(app, host='0.0.0.0', port=8080)

+1 for logout being officially supported. For context, my use case is that I have a normal user and an admin user. The normal user can converse with a chatbot and the admin user can see all historical conversations, so for user testing we will often let someone play with it locally then logout and review conversations as an admin user. I deploy it on a remote server as a docker container so messing with gradio source files was not ideal. Gradio made rapid development for most of the functionality so easy, was surprised this wasn't supported!

theyoffa avatar Feb 21 '24 19:02 theyoffa