ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 04:15:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

fix: session middleware should be required by default

Browse source
This commit is contained in:
Timothy Jaeryang Baek 2025-09-28 16:35:13 -05:00
parent 7e8ee46d2c
commit fe54fb61aa
1 changed files with 25 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
backend/open_webui/main.py
View file

@ -1908,23 +1908,18 @@ if len(app.state.config.TOOL_SERVER_CONNECTIONS) > 0:
f"mcp:{server_id}", OAuthClientInformationFull(**oauth_client_info) f"mcp:{server_id}", OAuthClientInformationFull(**oauth_client_info)
) )
# SessionMiddleware is used by authlib for oauth
if len(OAUTH_PROVIDERS) > 0:
try: try:
if REDIS_URL: if REDIS_URL:
redis_session_store = RedisStore( redis_session_store = RedisStore(
url=REDIS_URL, url=REDIS_URL,
prefix=( prefix=(f"{REDIS_KEY_PREFIX}:session:" if REDIS_KEY_PREFIX else "session:"),
f"{REDIS_KEY_PREFIX}:session:" if REDIS_KEY_PREFIX else "session:"
),
) )
app.add_middleware(SessionAutoloadMiddleware) app.add_middleware(SessionAutoloadMiddleware)
app.add_middleware( app.add_middleware(
StarSessionsMiddleware, StarSessionsMiddleware,
store=redis_session_store, store=redis_session_store,
cookie_name="oui-session", cookie_name="owui-session",
cookie_same_site=WEBUI_SESSION_COOKIE_SAME_SITE, cookie_same_site=WEBUI_SESSION_COOKIE_SAME_SITE,
cookie_https_only=WEBUI_SESSION_COOKIE_SECURE, cookie_https_only=WEBUI_SESSION_COOKIE_SECURE,
) )
@ -1935,7 +1930,7 @@ if len(OAUTH_PROVIDERS) > 0:
app.add_middleware( app.add_middleware(
SessionMiddleware, SessionMiddleware,
secret_key=WEBUI_SECRET_KEY, secret_key=WEBUI_SECRET_KEY,
session_cookie="oui-session", session_cookie="owui-session",
same_site=WEBUI_SESSION_COOKIE_SAME_SITE, same_site=WEBUI_SESSION_COOKIE_SAME_SITE,
https_only=WEBUI_SESSION_COOKIE_SECURE, https_only=WEBUI_SESSION_COOKIE_SECURE,
) )