sasidhar 61f49ff580 fix: ensure trusted email header matches logged-in user ...

When using trusted email header authentication, verify that the logged-in user's
email matches the value in the header. This prevents session conflicts when the
OAuth server changes the authenticated user.

- Move trusted email verification after user existence check
- Raise 401 if email mismatch is detected
- Only perform verification when WEBUI_AUTH_TRUSTED_EMAIL_HEADER is enabled

2025-06-08 14:16:10 +05:30

..

data

refac: mv backend files to /open_webui dir

2024-09-04 16:54:48 +02:00

internal

use unquote_user in peewee 3.17.10

2025-05-20 15:18:32 -04:00

migrations

feat: notes

2025-05-03 18:16:32 +04:00

models

refac: user chat list modal

2025-05-25 01:44:53 +04:00

retrieval

refac

2025-05-30 01:19:56 +04:00

routers

refac

2025-05-30 01:24:54 +04:00

socket

refac: socket

2025-05-09 14:23:16 +04:00

static

chore: removed duplicate css elements

2025-05-28 08:31:11 -04:00

storage

Fix S3 allowed characters in Tags.

2025-05-23 11:09:40 +02:00

test

feat: add AWS workload identity support

2025-02-27 13:12:54 -05:00

utils

fix: ensure trusted email header matches logged-in user

2025-06-08 14:16:10 +05:30

__init__.py

Update __init__.py

2025-04-15 09:55:35 +02:00

alembic.ini

dev5

2024-09-04 17:33:39 +02:00

config.py

refac: PLEASE follow existing convention

2025-05-30 00:34:18 +04:00

constants.py

enh: password max length verification

2025-04-08 12:50:25 -07:00

env.py

feat: WEBUI_AUTH_TRUSTED_GROUPS_HEADER

2025-05-24 23:17:12 +04:00

functions.py

refac/fix: open webui params handling

2025-05-29 12:57:58 +04:00

main.py

refac: PLEASE follow existing convention

2025-05-30 00:34:18 +04:00

tasks.py

fix: ongoing chat stop issue

2025-04-12 20:51:02 -07:00