msal_streamlit_authentication icon indicating copy to clipboard operation
msal_streamlit_authentication copied to clipboard
verified publisher icon mstaal

Refreshed pages not working - button shows logged in but no token in python.

Open numericOverflow opened this issue 10 months ago • 6 comments

Using the example code, I can successfully log in users and get a token back from MS, but there seems to be a disconnect between the javascript/browser side and the backend python side.

  • The button rendered in the browser thinks it's logged in (shows text to "log out")
  • There is no session_state.user stored in the session (expected b/c page was refreshed) but there is also no value
  • login_token is not defined in the python.
    • It's like the javascript doesn't send back the login state/token to streamlit even though it correctly detects the persistence of active MS login.

To correct this out-of-sync issue, users have to click the logout button, refresh the streamlit app (F5 in browser) then restart the login process via MS. Then token is returned to streamlit and everything works fine... until a session is destroyed by a page refresh and the whole cycle must be done again.

Image

import streamlit as st
import traceback

#import streamlit as st
from msal_streamlit_authentication import msal_authentication

def show(session_state):
    st.title("Authentication")

    if 'user' in st.session_state:
        session_state.user = st.session_state['user']
    else:
        st.write("You are not yet authenticated.")
        st.write("Click the 'Log In' button.")
    
    login_token = msal_authentication(
        auth={
            "clientId": "xxxxxxxxxxxxxxxxxxxxxxxxxxx",
            "authority": "xxxxxxxxxxxxxxxxxxxxxxxxxxx",
            "redirectUri": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
            "postLogoutRedirectUri": "/"
        }, # Corresponds to the 'auth' configuration for an MSAL Instance
        cache={
            "cacheLocation": "sessionStorage",
            "storeAuthStateInCookie": False
        }, # Corresponds to the 'cache' configuration for an MSAL Instance
        login_request={
            "scopes": ["xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"]
        }, # Optional
        logout_request={}, # Optional
        login_button_text="Login", # Optional, defaults to "Login"
        logout_button_text="Logout", # Optional, defaults to "Logout"
        class_name="css_button_class_selector", # Optional, defaults to None. Corresponds to HTML class.
        html_id="html_id_for_button", # Optional, defaults to None. Corresponds to HTML id.
        key=1 # Optional if only a single instance is needed
    )

    try:
        if login_token is None:
            st.write("Click the 'Log In' button.")
        else:
            st.write(login_token.get("account").get("username"))
            st.write(login_token.get("account"))
            
            st.session_state['user'] = login_token.get("account").get("username")
            st.session_state['login_token'] = login_token
            
            
    except Exception as e:
        st.write("Unable to work with login_token")
        # Handle any other exceptions that were not caught by the above
        st.write(f"An unexpected error occurred: {e}")
        # Print the stack trace
        st.write(traceback.format_exc())

numericOverflow avatar Feb 07 '25 17:02 numericOverflow

having the same problem

aaravind100 avatar Feb 13 '25 09:02 aaravind100

Having the same problem It was working last year. :( Tried with multiple st version - 1.37.0 to 1.42.0

login_token = msal_authentication( auth={ "clientId": f"{CLIENT_ID}", "authority": f"https://login.microsoftonline.com/{TENANT_ID}", # "redirectUri": f"{REDIRECT_URI}", "redirectUri": f"{REDIRECT_URI}", "postLogoutRedirectUri": "/", }, # Corresponds to the 'auth' configuration for an MSAL Instance cache={ # "cacheLocation": "sessionStorage", "cacheLocation": "localStorage", # "cacheLocation": "memoryStorage", "storeAuthStateInCookie": True, }, # Corresponds to the 'cache' configuration for an MSAL Instance login_request={"scopes": [f"{SCOPE}"]}, # Optional logout_request={}, # Optional login_button_text="Login", # Optional, defaults to "Login" logout_button_text="Sign Out", # Optional, defaults to "Logout" class_name="css_button_class_selector", # Optional, defaults to None. Corresponds to HTML class. html_id="html_id_for_button", # Optional, defaults to None. Corresponds to HTML id. key="1", # Optional if only a single instance is needed )

arnabneogi86 avatar Feb 17 '25 12:02 arnabneogi86

anyone found a solution yet?

JoonasBot avatar Mar 19 '25 11:03 JoonasBot

@JoonasBot - Unfortunately, I had to abandon this and moved to the native st.login() that was added to streamlit in 1.42

:(

https://docs.streamlit.io/develop/api-reference/user/st.login

numericOverflow avatar Mar 19 '25 14:03 numericOverflow

@numericOverflow I tried that also, but had some issues. Just out of curiosity could you share a little example of your solution with the st.login() ?

JoonasBot avatar Mar 20 '25 06:03 JoonasBot

@mstaal any chance you can take a look at this problem? I am having the same issue

grzjab avatar May 12 '25 15:05 grzjab