feat: support webui_auth false

#929
2025-06-26 18:26:48 +00:00 · 2024-05-08 08:40:18 -07:00 · 2024-05-08 08:40:18 -07:00 · 01472c071b
commit 01472c071b
parent 0d633c0d17
5 changed files with 23 additions and 7 deletions
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@ -33,7 +33,7 @@ from utils.utils import (
 from utils.misc import parse_duration, validate_email_format
 from utils.webhook import post_webhook
 from constants import ERROR_MESSAGES, WEBHOOK_MESSAGES
-from config import WEBUI_AUTH_TRUSTED_EMAIL_HEADER
+from config import WEBUI_AUTH, WEBUI_AUTH_TRUSTED_EMAIL_HEADER

 router = APIRouter()

@ -118,6 +118,19 @@ async def signin(request: Request, form_data: SigninForm):
                ),
            )
        user = Auths.authenticate_user_by_trusted_header(trusted_email)
+
+    if WEBUI_AUTH == False:
+        admin_email = "admin@localhost"
+        admin_password = "admin"
+
+        if Users.get_num_users() == 0 and not Users.get_user_by_email(
+            admin_email.lower()
+        ):
+            await signup(
+                request,
+                SignupForm(email=admin_email, password=admin_password, name="User"),
+            )
+        user = Auths.authenticate_user(admin_email.lower(), admin_password)
    else:
        user = Auths.authenticate_user(form_data.email.lower(), form_data.password)

--- a/backend/config.py
+++ b/backend/config.py
@ -413,7 +413,7 @@ WEBUI_VERSION = os.environ.get("WEBUI_VERSION", "v1.0.0-alpha.100")
 # WEBUI_AUTH (Required for security)
 ####################################

-WEBUI_AUTH = True
+WEBUI_AUTH = os.environ.get("WEBUI_AUTH", "True").lower() == "true"
 WEBUI_AUTH_TRUSTED_EMAIL_HEADER = os.environ.get(
    "WEBUI_AUTH_TRUSTED_EMAIL_HEADER", None
 )
--- a/backend/main.py
+++ b/backend/main.py
@ -44,6 +44,7 @@ from config import (
    CONFIG_DATA,
    WEBUI_NAME,
    WEBUI_URL,
+    WEBUI_AUTH,
    ENV,
    VERSION,
    CHANGELOG,
@ -240,6 +241,7 @@ async def get_app_config():
        "status": True,
        "name": WEBUI_NAME,
        "version": VERSION,
+        "auth": WEBUI_AUTH,
        "default_locale": default_locale,
        "images": images_app.state.ENABLED,
        "default_models": webui_app.state.DEFAULT_MODELS,
--- a/backend/utils/misc.py
+++ b/backend/utils/misc.py
@ -38,9 +38,10 @@ def calculate_sha256_string(string):


 def validate_email_format(email: str) -> bool:
-    if not re.match(r"[^@]+@[^@]+\.[^@]+", email):
-        return False
-    return True
+    if email.endswith("@localhost"):
+        return True
+
+    return bool(re.match(r"[^@]+@[^@]+\.[^@]+", email))


 def sanitize_filename(file_name):
--- a/src/routes/auth/+page.svelte
+++ b/src/routes/auth/+page.svelte
@ -60,7 +60,7 @@
 			await goto('/');
 		}
 		loaded = true;
-		if ($config?.trusted_header_auth ?? false) {
+		if (($config?.trusted_header_auth ?? false) || $config?.auth === false) {
 			await signInHandler();
 		}
 	});
@ -97,7 +97,7 @@
 		</div> -->

 		<div class="w-full sm:max-w-md px-10 min-h-screen flex flex-col text-center">
-			{#if $config?.trusted_header_auth ?? false}
+			{#if ($config?.trusted_header_auth ?? false) || $config?.auth === false}
 				<div class=" my-auto pb-10 w-full">
 					<div
 						class="flex items-center justify-center gap-3 text-xl sm:text-2xl text-center font-bold dark:text-gray-200"