ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-13 04:45:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
open-webui/backend/open_webui
History
sasidhar 61f49ff580 fix: ensure trusted email header matches logged-in user 
When using trusted email header authentication, verify that the logged-in user's
email matches the value in the header. This prevents session conflicts when the
OAuth server changes the authenticated user.

- Move trusted email verification after user existence check
- Raise 401 if email mismatch is detected
- Only perform verification when WEBUI_AUTH_TRUSTED_EMAIL_HEADER is enabled
2025-06-08 14:16:10 +05:30
..
data refac: mv backend files to /open_webui dir 2024-09-04 16:54:48 +02:00
internal use unquote_user in peewee 3.17.10 2025-05-20 15:18:32 -04:00
migrations feat: notes 2025-05-03 18:16:32 +04:00
models refac: user chat list modal 2025-05-25 01:44:53 +04:00
retrieval refac 2025-05-30 01:19:56 +04:00
routers refac 2025-05-30 01:24:54 +04:00
socket refac: socket 2025-05-09 14:23:16 +04:00
static chore: removed duplicate css elements 2025-05-28 08:31:11 -04:00
storage Fix S3 allowed characters in Tags. 2025-05-23 11:09:40 +02:00
test feat: add AWS workload identity support 2025-02-27 13:12:54 -05:00
utils fix: ensure trusted email header matches logged-in user 2025-06-08 14:16:10 +05:30
__init__.py Update __init__.py 2025-04-15 09:55:35 +02:00
alembic.ini dev5 2024-09-04 17:33:39 +02:00
config.py refac: PLEASE follow existing convention 2025-05-30 00:34:18 +04:00
constants.py enh: password max length verification 2025-04-08 12:50:25 -07:00
env.py feat: WEBUI_AUTH_TRUSTED_GROUPS_HEADER 2025-05-24 23:17:12 +04:00
functions.py refac/fix: open webui params handling 2025-05-29 12:57:58 +04:00
main.py refac: PLEASE follow existing convention 2025-05-30 00:34:18 +04:00
tasks.py fix: ongoing chat stop issue 2025-04-12 20:51:02 -07:00