Chainlit applications are public by default. To enable authentication and make your app private, you need to:

  1. Define a CHAINLIT_AUTH_SECRET environment variable. This is a secret string that is used to sign the authentication tokens. You can change it at any time, but doing so will log out all users. You can generate one with the chainlit create-secret command.
  2. Add one or more authentication callbacks to your app:

Each callback takes a different input and optionally returns a cl.User object. If the callback returns None, the authentication is considered to have failed.

Make sure each user has a unique identifier to prevent them from sharing their data.
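
Why changing CHAINLIT_AUTH_SECRET logs out all users, shown as an added illustration that is not Chainlit's own code. It assumes a simplified HMAC-SHA256 token format; sign_token, verify_token, and both secrets are constructed for this example.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Simplified token format, assumed for illustration (not Chainlit's implementation):
#   base64url(JSON claims) + "." + base64url(HMAC-SHA256(secret, payload))

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(payload: str, secret: str) -> bytes:
    return hmac.new(secret.encode(), payload.encode(), hashlib.sha256).digest()

def sign_token(claims: dict, secret: str) -> str:
    payload = _b64(json.dumps(claims, sort_keys=True).encode())
    return payload + "." + _b64(_mac(payload, secret))

def verify_token(token: str, secret: str, now: Optional[float] = None) -> Optional[dict]:
    """Return the claims if the signature and expiry check out, else None."""
    try:
        payload, sig = token.split(".")
        # Constant-time comparison avoids leaking how many signature bytes matched.
        if not hmac.compare_digest(_mac(payload, secret), _unb64(sig)):
            return None
        claims = json.loads(_unb64(payload))
    except ValueError:  # wrong part count, bad base64, bad JSON
        return None
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        return None  # expired
    return claims

OLD_SECRET = "constructed-secret-A"  # constructed sample values, not real secrets
NEW_SECRET = "constructed-secret-B"

def demo() -> dict:
    token = sign_token({"identifier": "alice", "exp": 2000}, OLD_SECRET)
    # Swap in different claims but keep the original signature.
    forged = _b64(json.dumps({"identifier": "admin", "exp": 2000}).encode())
    forged_token = forged + "." + token.split(".")[1]
    return {"valid": verify_token(token, OLD_SECRET, now=1000),
            "after_rotation": verify_token(token, NEW_SECRET, now=1000),
            "expired": verify_token(token, OLD_SECRET, now=3000),
            "forged": verify_token(forged_token, OLD_SECRET, now=1000)}
```

Only the "valid" entry yields claims: a token issued under the old secret fails verification once the secret changes, which is why every existing session ends at rotation.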

Get the current authenticated user

You can access the current authenticated user through the User Session.

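import chainlit as cl

@cl.on_chat_start
async def on_chat_start():
    # The authenticated cl.User object is stored in the user session under "user".
    app_user = cl.user_session.get("user")
    await cl.Message(f"Hello {app_user.identifier}").send()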