Live Chat

We'll need to share your messages (and your email address if you're logged in) with our live chat provider, Drift. Here's their privacy policy.

If you don't want to do this, you can email us instead at contact@anvil.works.

Logging in Using Code

As well as using the built-in login and sign-up forms, you can create your own forms and call the following functions yourself.

All of the manual login and signup functions take an optional keyword argument remember, which is False by default (for login_with_form and signup_with_form, the argument is called remember_by_default). If set to true, and the “Remember login between sessions” configuration option is enabled, the user’s login status will be remembered between sessions for the configured amount of time.

See the API Docs for full argument lists.

Email + password

To log in manually with an email and password, call anvil.users.login_with_email(), passing the email address and password as arguments. This function returns the newly-logged-in user, or raises an AuthenticationFailed exception if the login failed.

user = anvil.users.login_with_email("abc@example.com",
                                    "<password>")

This function can be called from client or server code.

To reset a user’s password, call anvil.users.send_password_reset_email(). If the specified email address is in the Users table, Anvil will send them an email with a link where they can set a new password for their account.

anvil.users.send_password_reset_email("abc@example.com")

This function can be called from client or server code.

To register a new account with an email and password, call anvil.users.signup_with_email(). If signup succeeds, this function returns the newly-created user object. The new user will also be logged in if email confirmation is not required, and new-user registrations are automatically enabled.

anvil.users.signup_with_email("abc@example.com",
                              "<password>")

This function can be called from client or server code, if the “allow signups” option is enabled in the users service configuration. Otherwise, it can only be called from server code.

Login with Google (etc.)

You can run separate login functions for Google, Facebook and Microsoft accounts. Let’s discuss Google login, you just need to replace the word google with facebook or microsoft for the other two services.

To log in with Google, call anvil.users.login_with_google(). This function will prompt the user to log into Google, then attempt to authenticate that user with the Users service. It will return a user object, or None if the Google login is cancelled, or raise an AuthenticationFailed exception.

user = anvil.users.login_with_google()

This function must be called from client code (e.g. an event handler on a Form).

To sign up a new user with Google, call anvil.users.signup_with_google(). This will prompt the user to log into Google, then attempt to register this user with the Users service. It will return a user object, or None if the Google login is cancelled, or raise a UserExists exception. If signup succeeds, the user is automatically logged in.

anvil.users.signup_with_google()

This function must be called from client code (e.g. an event handler on a Form).

The Google Service must be enabled for Google authentication to work. It will be added to your app automatically when you tick Google as an authentication option in the Users Service.

For Facebook and Microsoft login, you need to register your Anvil App with their online developer console - see Connecting Facebook to Anvil and Connecting Microsoft Azure to Anvil for step-by-step instructions.

Handling exceptions

If any of these functions fails, it will raise an anvil.users.AuthenticationFailed exception. There are a few subclasses if you wish to handle them separately:

  • anvil.users.UserExists - You have attempted to sign up with an email address which is already in the Users table.
  • anvil.users.EmailNotConfirmed - You have attempted to log in with an email address that has not yet been confirmed. (Only occurs with Email + password login, when email confirmation is enabled)
  • anvil.users.AccountIsNotEnabled - This account is disabled (the enabled box is not ticked in the Users table). This happens if an administrator has manually disabled an account, or if the Users service is configured not to enable newly-registered accounts.
  • anvil.users.AuthenticationFailed - This is the parent class of all these exceptions. It indicates that authentication has failed for some reason.

Build your own authentication flow

You can implement your own login mechanism. To log a user in, pass a row from the users table into anvil.users.force_login() in server code. anvil.users.force_login() returns the now-logged-in user. Passing None is the equivalent of anvil.users.logout(), and will return None.

This example shows a simple implementation of username/password login. (This is approximately the logic used by anvil.users.login_with_email().)

@anvil.server.callable
def login_with_password(username, password):
  user = app_tables.users.get(username=username)
  if user is not None and \
       bcrypt.hashpw(password, user['password_hash']).decode() == user['password_hash']:
    anvil.users.force_login(user)
    return user
If you’re using Python 2, you don’t need to call decode() on the output of bcrypt.hashpw().