Card #354 · Streamlit
Authentication cookie persistence regression in Streamlit 1.57.0
After upgrading to Streamlit 1.57.0, the authentication cookie set by st.login() has stopped persisting for 30 days and now behaves as a session cookie. This causes users to be logged out immediately upon closing the browser, contradicting the official documentation. The issue appears to be a side effect of the migration from Tornado to Starlette.
Pain score
0.18/ 1.00 · weighted product of four components
Reach0.47distinct authors (log-normalized)
Recency1.00freshness decay, half-life months
Engagement1.00upvotes + comments, normalized
Monetization0.50willingness-to-pay cues in evidence
§ Evidence — 2 verified quotes
after upgrading from Streamlit 1.56.0 to 1.57.0, the authentication cookie set by st.login() is no longer persistent. It behaves as a session cookie (deleted when the browser is closed) instead of persisting for 30 days as documented.
the authentication cookie set by st.login() is now behaving as a session cookie (deleted on browser close), rather than persisting for 30 days as previously documented and expected.
Comments are a Pro feature — join the conversation, share what you've shipped, hear what others are building.
Upgrade to Pro