Changelog: Streamlit Authentication
All notable changes to this template will be documented in this file.
The format is based on Keep a Changelog,
and this project adheres to Semantic Versioning.
[Unreleased]
Planned for v2.0.0
- OAuth2 providers support (Google, GitHub, Microsoft)
- Two-factor authentication (TOTP)
- Password reset via email
- User registration with email verification
- Role-based access control (RBAC)
- Session management (view active sessions, logout from all devices)
Breaking Changes:
- config.yaml structure will change to support OAuth2
- New dependencies: authlib, pyotp, sendgrid
See MIGRATION_v1_to_v2.md when released.
[1.0.0] - 2025-11-10
Added
- Initial release of Streamlit Authentication template
- Login form with username/password
- Cookie-based session management
- Password hashing with bcrypt
- Protected pages with
require_auth() decorator
- Sidebar with user profile and logout button
- CLI tool for password hash generation
- Complete documentation with examples
- Troubleshooting guide
Files
auth_app.py - Main application with login form (130 lines)config.yaml - User credentials configurationutils/auth_sidebar.py - Sidebar component with user infoutils/auth_utils.py - Utility functions (require_auth, generate_hash)README.md - Complete documentationtemplate.yaml - Template metadata
Dependencies
- streamlit >= 1.28.0
- streamlit-authenticator >= 0.2.3
- pyyaml >= 6.0
Token Economy
- Generate from scratch: ~4000 tokens
- Adapt template: ~600 tokens
- Savings: 85%
Security Features
- Bcrypt password hashing
- Cookie signing with secret key
- Session timeout (configurable)
- CSRF protection (via Streamlit)
Known Limitations
- No OAuth2 support (planned for v2.0.0)
- No 2FA (planned for v2.0.0)
- No password reset (planned for v2.0.0)
- No user registration (can be added manually)
- Single role per user (basic RBAC in v2.0.0)
- Project: marketplace
- File:
app.py (lines 38-63)
- Date: 2025-11-10
Version Comparison
| Feature |
v1.0.0 |
v2.0.0 (planned) |
| Login/Logout |
✅ |
✅ |
| Cookie Sessions |
✅ |
✅ |
| Password Hashing |
✅ |
✅ |
| Protected Pages |
✅ |
✅ |
| OAuth2 |
❌ |
✅ |
| 2FA |
❌ |
✅ |
| Password Reset |
❌ |
✅ |
| User Registration |
❌ |
✅ |
| RBAC |
Basic |
Advanced |
Migration Guides
To v2.0.0 (when released)
See MIGRATION_v1_to_v2.md
Support
Issues: Report bugs or request features in workspace issues
Documentation: See README.md for usage guide
Version Info: Check templates/VERSIONS.yaml