open-webui

mirror of https://github.com/open-webui/open-webui synced 2025-06-26 18:26:48 +00:00

History

sasidhar 61f49ff580 fix: ensure trusted email header matches logged-in user When using trusted email header authentication, verify that the logged-in user's email matches the value in the header. This prevents session conflicts when the OAuth server changes the authenticated user. - Move trusted email verification after user existence check - Raise 401 if email mismatch is detected - Only perform verification when WEBUI_AUTH_TRUSTED_EMAIL_HEADER is enabled		2025-06-08 14:16:10 +05:30
..
data
open_webui	fix: ensure trusted email header matches logged-in user	2025-06-08 14:16:10 +05:30
.dockerignore
.gitignore
dev.sh
requirements.txt	feat: GZip, Brotli, ZStd compression middleware support	2025-05-26 14:18:29 +04:00
start_windows.bat	refac: web/rag config	2025-04-12 16:33:36 -07:00
start.sh	Fix: Use dynamic Python command to run uvicorn and support pyenv setups.	2025-04-29 09:14:23 +01:00