Websocket Connect - Authentication Issue

[smannathan]

While running the Chainlit server on Kubernetes, the API can be successfully invoked, and custom authentication with cookies and auth tokens works as expected. However, when the react client application attempts to connect to the server via WebSocket, the connection fails with an authentication error.

2025-01-24 17:41:44 - Authentication failed in websocket connect.
message async handler error
Traceback (most recent call last):
  File "/app/.venv/lib/python3.12/site-packages/engineio/async_server.py", line 509, in run_async_handler
2025-01-24 17:41:44 - message async handler error
Traceback (most recent call last):
  File "/app/.venv/lib/python3.12/site-packages/engineio/async_server.py", line 509, in run_async_handler
    return await self.handlers[event](*args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.12/site-packages/socketio/async_server.py", line 688, in _handle_eio_message
    await self._handle_connect(eio_sid, pkt.namespace, pkt.data)
  File "/app/.venv/lib/python3.12/site-packages/socketio/async_server.py", line 552, in _handle_connect
    success = await self._trigger_event(
              ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.12/site-packages/socketio/async_server.py", line 640, in _trigger_event
    ret = await handler(*args)
          ^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.12/site-packages/chainlit/socket.py", line 120, in connect
    raise ConnectionRefusedError("authentication failed")
ConnectionRefusedError: authentication failed

Code:

from fastapi import FastAPI
from fastapi.responses import JSONResponse
from starlette.middleware.cors import CORSMiddleware
from chainlit.user import User
from chainlit.utils import mount_chainlit
from chainlit.server import _authenticate_user, _get_auth_response, set_auth_cookie
from utils.profiles import auth_user_profiles
from pydantic import BaseModel
from chainlit.auth import create_jwt, decode_jwt, get_configuration, get_current_user
from chainlit.user import User

class Credentials(BaseModel):
    username: str
    password: str

app = FastAPI()

app.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

@app.post("/custom-auth-v2")
async def custom_auth_v2(credentials: Credentials):
    # Verify the user's identity with custom logic.
    user_profile = auth_user_profiles(credentials.username, credentials.password)

    user = User(identifier=user_profile['identifier'], metadata=user_profile['metadata'])

    access_token = create_jwt(user)
    response = _get_auth_response(access_token, False)
    set_auth_cookie(response, access_token)
    return response

@app.get("/health")
async def health_check():
    # Verify the user's identity with custom logic.
    
    return {"status": "healthy"}

mount_chainlit(app=app, target="./app.py", path="/chainlit")

[willydouhard]

Here is a working example of custom authentication with custom frontend

[jmanhype]

Thank you for sharing the working example. This will be very helpful for implementing custom authentication with a custom frontend. I'll take a look at the provided repository. The example can be found at: https://github.com/Chainlit/cookbook/tree/main/custom-frontend Sent via Lindy <https://lindy.ai>

…

On Sat, Jan 25, 2025 at 2:20 AM ***@***.*** wrote: Here is a working example <https://github.com/Chainlit/cookbook/tree/main/custom-frontend> of custom authentication with custom frontend — Reply to this email directly, view it on GitHub <#1801 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ANMI52BHUCEKR7THP74UTU32MNCL7AVCNFSM6AAAAABV2GIFXSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMMJTHAZTQNBSGE> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>