Commit Graph

56 Commits

Author SHA1 Message Date
Timothy Jaeryang Baek
cce5f024bd feat: WEBUI_AUTH_TRUSTED_GROUPS_HEADER 2025-05-24 23:17:12 +04:00
Timothy Jaeryang Baek
7df6d7f325 refac/fix: signout redirect flow 2025-05-17 00:38:39 +04:00
Timothy Jaeryang Baek
0a8cecfbfa feat: response watermark
Some checks are pending
Deploy to HuggingFace Spaces / check-secret (push) Waiting to run
Deploy to HuggingFace Spaces / deploy (push) Blocked by required conditions
Create and publish Docker images with specific build args / build-main-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-main-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / merge-main-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-ollama-images (push) Blocked by required conditions
Python CI / Format Backend (3.11.x) (push) Waiting to run
Python CI / Format Backend (3.12.x) (push) Waiting to run
Frontend Build / Format & Build Frontend (push) Waiting to run
Frontend Build / Frontend Unit Tests (push) Waiting to run
2025-05-14 23:53:28 +04:00
Tim Jaeryang Baek
e358a66fb1
Merge pull request #13852 from fizyr-forks/self-signed-cert
feat: Add option to disable certificate validation for LDAP certificates.
2025-05-14 23:12:24 +04:00
Timothy Jaeryang Baek
8fe4f789d4 fix 2025-05-14 21:53:46 +04:00
Timothy Jaeryang Baek
74ccec2812 refac 2025-05-14 21:39:17 +04:00
Tim Jaeryang Baek
29ae231ee0
Merge pull request #13889 from Classic298/pendingtext
feat: Custom Title and Text for Account Activation Screen for pending users
2025-05-14 21:28:16 +04:00
DrMelone
143cb4cc34 feat custom text and title 2025-05-14 17:58:20 +02:00
Hans Gaiser
f63e76e653 Add option to disable certificate validation. 2025-05-13 17:38:06 +02:00
Timothy Jaeryang Baek
a904f874ee fix: admin signup logic
Some checks failed
Deploy to HuggingFace Spaces / check-secret (push) Waiting to run
Deploy to HuggingFace Spaces / deploy (push) Blocked by required conditions
Create and publish Docker images with specific build args / build-main-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-main-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / merge-main-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-ollama-images (push) Blocked by required conditions
Frontend Build / Format & Build Frontend (push) Waiting to run
Frontend Build / Frontend Unit Tests (push) Waiting to run
Python CI / Format Backend (3.11.x) (push) Has been cancelled
Python CI / Format Backend (3.12.x) (push) Has been cancelled
2025-05-12 20:03:40 +04:00
Timothy Jaeryang Baek
7c8597765f refac/fix: ldap issue 2025-05-08 22:06:44 +04:00
Timothy Jaeryang Baek
62e57a4cf5 refac: auth endpoint 2025-05-07 00:54:53 +04:00
Timothy Jaeryang Baek
56cefde161 doc: changelog 2025-05-05 17:13:09 +04:00
omahs
37e0313c83
Merge branch 'dev' into main 2025-05-05 14:26:40 +02:00
omahs
863f227be9
fix: typos 2025-05-05 14:14:59 +02:00
Timothy Jaeryang Baek
5d5e351937 feat: notes scaffolding
Some checks are pending
Deploy to HuggingFace Spaces / check-secret (push) Waiting to run
Deploy to HuggingFace Spaces / deploy (push) Blocked by required conditions
Create and publish Docker images with specific build args / build-main-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-main-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/amd64) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/arm64) (push) Waiting to run
Create and publish Docker images with specific build args / merge-main-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-ollama-images (push) Blocked by required conditions
Python CI / Format Backend (3.11.x) (push) Waiting to run
Python CI / Format Backend (3.12.x) (push) Waiting to run
Frontend Build / Format & Build Frontend (push) Waiting to run
Frontend Build / Frontend Unit Tests (push) Waiting to run
2025-05-01 16:39:36 +04:00
Tim Jaeryang Baek
336d20fa33
Merge pull request #13364 from NovoNordisk-OpenSource/websocket-behind-auth
refactor: hiding websocket initalization behind authentication
2025-04-30 13:35:27 -07:00
shcodenick
4c81b6ebc5 hiding websocket initalization behind authentication 2025-04-30 15:05:57 +02:00
Timothy Jaeryang Baek
addf44b21f refac 2025-04-29 19:27:54 +04:00
Timothy Jaeryang Baek
45ad6776de fix: token cookie issue 2025-04-28 17:04:13 +04:00
Timothy Jaeryang Baek
28ec3069de enh: exp token check 2025-04-24 03:12:22 +09:00
Timothy Jaeryang Baek
8507c47459 refac: WEBUI_AUTH_SIGNOUT_REDIRECT_URL 2025-04-18 23:58:37 -07:00
Jarrod Lowe
dfe50b4e56
Merge branch 'open-webui:main' into main 2025-04-17 15:46:24 +12:00
Timothy Jaeryang Baek
49bf3207e8 chore: format 2025-04-14 02:00:52 -07:00
Erik
c749083935
Update auths.py 2025-04-14 08:12:37 +02:00
Athanasios Oikonomou
c70fedb626 Properly handle ldap3.abstract.attribute.Attribute value
This commit fixes an issue created on commit 2e7a01f30a.

Ldap object is type <class 'ldap3.abstract.attribute.Attribute'>.
So we need to return the value and verify if it's null, string or list.

Fixes #12813
2025-04-13 18:00:42 +03:00
Jarrod Lowe
a8bbaa61bd
Merge branch 'dev' into main 2025-04-11 22:14:41 +12:00
Jörg Behrmann
2e7a01f30a fix: choose the first mail if multiple are returned from LDAP 2025-04-09 10:53:02 +02:00
Timothy Jaeryang Baek
60d11c1f6f enh: password max length verification 2025-04-08 12:50:25 -07:00
Jarrod Lowe
b4465987f9 Environment variable to redirect on logout 2025-04-08 13:39:00 +12:00
Juan Calderon-Perez
324550423c
Fix formatting issues 2025-04-05 10:03:24 -04:00
Juan Calderon-Perez
b4277c7d2e
Make auth error messages generic 2025-04-05 09:56:11 -04:00
Timothy Jaeryang Baek
a1f3300767 fix: tls cert requirement 2025-04-03 10:01:03 -07:00
Timothy Jaeryang Baek
33f93371dc feat: user webhooks system settings 2025-03-30 21:31:16 -07:00
Scott Cheng
8bd527be6a anonymous bind when LDAP_APP_DN is not specified 2025-03-08 21:19:21 +08:00
Timothy Jaeryang Baek
46cea1f904 fix: ldap email case sensitive 2025-03-03 19:52:27 -08:00
Timothy Jaeryang Baek
ddb30589e3 chore: format
HIDE MODELS
2025-02-26 22:18:18 -08:00
Timothy Jaeryang Baek
20f0b02b38
Merge pull request #10755 from softue/check-if-enable-ldap-chroma
Conditional import of ldap3 and chromadb
2025-02-25 16:02:40 -08:00
Timothy Jaeryang Baek
3be5e3129b
Merge pull request #10752 from NovoNordisk-OpenSource/yvedeng/standardize-logging
refactor: replace print statements with logging
2025-02-25 10:53:02 -08:00
Rômulo Mendes Figueiredo
2298bfbd7e refac: conditional import of ldap3 2025-02-25 13:07:53 -03:00
Yifang Deng
0e5d5ecb81
refactor: replace print statements with logging for better error tracking 2025-02-25 15:53:55 +01:00
Timothy Jaeryang Baek
50dec12072 refac 2025-02-21 22:15:22 -08:00
Timothy Jaeryang Baek
eeb00a5ca2 chore: format 2025-02-20 01:01:29 -08:00
Ranjan Mohan
6c6be5de88 Fixed an issue with clearing application cookies during OAuth signout
Closes #8885.

During the OAuth signout flow, although the `token` and `oauth_id_token`
cookies were marked for deletion, a new RedirectResponse is created and
returned. This does not contain the header info from the he Response object
used to mark the cookies to be deleted. Hence the cookies remained.
Fixed this by re-using the headers from the other Response object.
2025-02-18 12:44:14 -05:00
Timothy Jaeryang Baek
658944e756 refac 2025-02-17 19:29:28 -08:00
Timothy Jaeryang Baek
63cf80a456 refac 2025-02-16 00:11:18 -08:00
Timothy Jaeryang Baek
c5b5303a55
Merge pull request #9031 from bunnerz-king/main
LDAP auth, return user permissions in response
2025-01-28 14:50:04 -08:00
Andrew King
a1b5c18ef7 ldap pass user permissions into response 2025-01-28 09:51:21 -05:00
Antti Pyykkönen
412923dc91 feat: separate cookie settings between session & auth cookies
Introducing two new env config options to control cookies settings regarding
authentication. These values are taken into use when setting 'token' and 'oauth_id_token'.
To maintain backwards compatibility, the original session cookie values are used as
fallback.

Separation is done to prevent issues with the session cookie. When the config value was
set as 'strict', the oauth flow was broken (since the session cookie was not provided
after the callback).

Providing a separate config for auth & session cookies allows us to keep the 'strict'
settings for auth related cookies, while also allowing the session cookie to behave as
intended (e.g., by configuring it as 'lax').

The original config was added in commit #af4f8aa. However a later commit #a2e889c reused
this config option for other type of cookies, which was not the original intent.
2025-01-23 16:16:50 +02:00
Li, Steel
ab6dffffd0 feat: add LDAP_ATTRIBUTE_FOR_MAIL to env-configuration 2025-01-10 08:53:03 +08:00