@cl.password_auth_callback receives the username and password from the login form. Returning an
AppUser object will authenticate the user while returning
None will fail the authentication.
You can verify the credentials against any service that you’d like (your own DB, a private google sheet etc.).
The usual security best practices applies here, hash password before storing them.
from typing import Optional import chainlit as cl @cl.password_auth_callback def auth_callback(username: str, password: str) -> Optional[cl.AppUser]: # Fetch the user matching username from your database # and compare the hashed password with the value stored in the database if (username, password) == ("admin", "admin"): return cl.AppUser(username="admin", role="ADMIN", provider="credentials") else: return None