open-webui

mirror of https://github.com/open-webui/open-webui synced 2025-06-26 18:26:48 +00:00

History

sasidhar 61f49ff580 fix: ensure trusted email header matches logged-in user When using trusted email header authentication, verify that the logged-in user's email matches the value in the header. This prevents session conflicts when the OAuth server changes the authenticated user. - Move trusted email verification after user existence check - Raise 401 if email mismatch is detected - Only perform verification when WEBUI_AUTH_TRUSTED_EMAIL_HEADER is enabled		2025-06-08 14:16:10 +05:30
..
data
internal	use unquote_user in peewee 3.17.10	2025-05-20 15:18:32 -04:00
migrations	feat: notes	2025-05-03 18:16:32 +04:00
models	refac: user chat list modal	2025-05-25 01:44:53 +04:00
retrieval	refac	2025-05-30 01:19:56 +04:00
routers	refac	2025-05-30 01:24:54 +04:00
socket	refac: socket	2025-05-09 14:23:16 +04:00
static	chore: removed duplicate css elements	2025-05-28 08:31:11 -04:00
storage	Fix S3 allowed characters in Tags.	2025-05-23 11:09:40 +02:00
test	feat: add AWS workload identity support	2025-02-27 13:12:54 -05:00
utils	fix: ensure trusted email header matches logged-in user	2025-06-08 14:16:10 +05:30
__init__.py	Update __init__.py	2025-04-15 09:55:35 +02:00
alembic.ini
config.py	refac: PLEASE follow existing convention	2025-05-30 00:34:18 +04:00
constants.py	enh: password max length verification	2025-04-08 12:50:25 -07:00
env.py	feat: WEBUI_AUTH_TRUSTED_GROUPS_HEADER	2025-05-24 23:17:12 +04:00
functions.py	refac/fix: open webui params handling	2025-05-29 12:57:58 +04:00
main.py	refac: PLEASE follow existing convention	2025-05-30 00:34:18 +04:00
tasks.py	fix: ongoing chat stop issue	2025-04-12 20:51:02 -07:00