This authentication allows you to plug your existing user database to the Chainlit app. You receive the headers from the first request, and you need to return an AppUser object if the authentication is successful.

You can use the callback to make sure the header contains the right token. Either by verifying the signature, or by checking in your database.


from typing import Optional

import chainlit as cl

def header_auth_callback(headers) -> Optional[cl.AppUser]:
  # Verify the signature of a token in the header (ex: jwt token)
  # or check that the value is matching a row from your database
  if headers.get("test-header") == "test-value":
    return cl.AppUser(username="admin", role="ADMIN", provider="header")
    return None