feat: support for configuring private api key use

2025-06-26 18:26:48 +00:00 · 2024-11-19 16:14:52 +02:00
parent 5c4124ebe5
commit 979e6e5a79
7 changed files with 111 additions and 81 deletions
--- a/backend/open_webui/utils/utils.py
+++ b/backend/open_webui/utils/utils.py
@@ -5,13 +5,11 @@ import jwt
 from datetime import UTC, datetime, timedelta
 from typing import Optional, Union, List, Dict

-
 from open_webui.apps.webui.models.users import Users

 from open_webui.constants import ERROR_MESSAGES
 from open_webui.env import WEBUI_SECRET_KEY

-
 from fastapi import Depends, HTTPException, Request, Response, status
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 from passlib.context import CryptContext
@@ -75,10 +73,15 @@ def get_http_authorization_cred(auth_header: str):
    except Exception:
        raise ValueError(ERROR_MESSAGES.INVALID_TOKEN)

+def get_api_key_auth_config():
+    from open_webui.config import ENABLE_API_KEY_AUTH
+    return ENABLE_API_KEY_AUTH
+

 def get_current_user(
    request: Request,
    auth_token: HTTPAuthorizationCredentials = Depends(bearer_security),
+    api_key_auth_enabled: bool = Depends(get_api_key_auth_config)
 ):
    token = None

@@ -93,6 +96,10 @@ def get_current_user(

    # auth by api key
    if token.startswith("sk-"):
+        if not api_key_auth_enabled:
+            raise HTTPException(
+                status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.API_KEY_NOT_ALLOWED
+            )
        return get_current_user_by_api_key(token)

    # auth by jwt token