Jarvis Authentication System

Avdhesh edited this page Jun 19, 2025 · 6 revisions

🔐 Jarvis Authentication System!

Welcome to the authentication setup guide for Jarvis AI Assistant.

This guide will help you implement secure user login using Streamlit’s built-in authentication system and an identity provider such as Google.

Jarvis Youtube Series


Jarvis uses Streamlit's built-in authentication system to log the user in.

To log users in, we need an identity provider such as Google, Microsoft, GitHub or LinkedIn.

Why is an identity provider required?

An Identity Provider (IdP) manages and verifies user identities. It plays a crucial role in Single Sign-On (SSO) by:

  • Authenticating users
  • Issuing tokens to grant access to applications
  • Enhancing security and simplifying session management

Think of it as a trusted bridge between the client and the server.

Streamlit Authentication API Overview

Streamlit offers a simple API for handling authentication:

| Command | Description |
| --- | --- |
| st.login('google') | Starts login using the specified identity provider. |
| st.user | A dict-like object for accessing the user information. |
| st.logout() | Logs the user out and resets their session. |

In Jarvis, Google is used as the default provider.


Getting Google OAuth Credentials

Add this to .streamlit/secrets.toml:

[auth]
redirect_uri = "http://localhost:8501/oauth2callback"
cookie_secret = "xxx"

[auth.google]
client_id = "xxx"
client_secret = "xxx"
server_metadata_url = "https://accounts.google.com/.well-known/openid-configuration"

  1. redirect_uri is the URL to which the identity provider redirects the user after login. It must end with the suffix /oauth2callback. For production, update the URL accordingly.

  2. cookie_secret is the cryptographic key Streamlit uses to sign and verify the session cookie that keeps the user logged in. Replace the placeholder with a strong, randomly generated value and keep it private.

  3. Open the Google Cloud console and create a new project.

  4. Go to Google clients to create the OAuth credentials.

  5. Click on Create client.

  6. Select Web application as the application type.

  7. Give your client a name of your choice.

  8. Add the authorized redirect URI to which the user is sent after successful authorization.

Don't forget to add your production URL if you run the application in production.

  9. Click Create and save your Client ID and Client Secret; you can also download them later.

Add these credentials to the secrets.toml file inside the .streamlit folder.

Below is a small Python implementation that uses this authentication system:

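import streamlit as st

# st.user.is_logged_in stays False until the provider login has completed.
if not st.user.is_logged_in:
    st.markdown("# Login Required")
    if st.button("Log in with Google"):
        # "google" selects the [auth.google] section of .streamlit/secrets.toml.
        st.login("google")
else:
    # name and picture come from the identity information returned by Google.
    st.markdown(f"# Welcome, {st.user.name}!")
    st.image(st.user.picture, caption="User Profile Picture")
    if st.button("Log out"):
        st.logout()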

Final Tips

  • Always secure your secrets — never commit them to Git!
  • Redirect URI must match exactly in both your code and Google settings
  • In production, use https://your-domain.com/oauth2callback