refac: auth endpoint

2025-06-26 18:26:48 +00:00 · 2025-05-07 00:54:53 +04:00 · 2025-05-07 00:54:53 +04:00 · 62e57a4cf5
commit 62e57a4cf5
parent 2a4dfc02a2
1 changed files with 22 additions and 19 deletions
--- a/backend/open_webui/routers/auths.py
+++ b/backend/open_webui/routers/auths.py
@ -82,28 +82,31 @@ async def get_session_user(
    token = auth_token.credentials
    data = decode_token(token)

-    expires_at = data.get("exp")
+    expires_at = None

-    if (expires_at is not None) and int(time.time()) > expires_at:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail=ERROR_MESSAGES.INVALID_TOKEN,
+    if data:
+        expires_at = data.get("exp")
+
+        if (expires_at is not None) and int(time.time()) > expires_at:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail=ERROR_MESSAGES.INVALID_TOKEN,
+            )
+
+        # Set the cookie token
+        response.set_cookie(
+            key="token",
+            value=token,
+            expires=(
+                datetime.datetime.fromtimestamp(expires_at, datetime.timezone.utc)
+                if expires_at
+                else None
+            ),
+            httponly=True,  # Ensures the cookie is not accessible via JavaScript
+            samesite=WEBUI_AUTH_COOKIE_SAME_SITE,
+            secure=WEBUI_AUTH_COOKIE_SECURE,
        )

-    # Set the cookie token
-    response.set_cookie(
-        key="token",
-        value=token,
-        expires=(
-            datetime.datetime.fromtimestamp(expires_at, datetime.timezone.utc)
-            if expires_at
-            else None
-        ),
-        httponly=True,  # Ensures the cookie is not accessible via JavaScript
-        samesite=WEBUI_AUTH_COOKIE_SAME_SITE,
-        secure=WEBUI_AUTH_COOKIE_SECURE,
-    )
-
    user_permissions = get_permissions(
        user.id, request.app.state.config.USER_PERMISSIONS
    )