OpenWebUI/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui synced 2025-06-26 18:26:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
61f49ff580
open-webui/backend/open_webui
History
sasidhar 61f49ff580 fix: ensure trusted email header matches logged-in user 
When using trusted email header authentication, verify that the logged-in user's
email matches the value in the header. This prevents session conflicts when the
OAuth server changes the authenticated user.

- Move trusted email verification after user existence check
- Raise 401 if email mismatch is detected
- Only perform verification when WEBUI_AUTH_TRUSTED_EMAIL_HEADER is enabled
2025-06-08 14:16:10 +05:30
..
data
internal use unquote_user in peewee 3.17.10 2025-05-20 15:18:32 -04:00
migrations
models refac: user chat list modal 2025-05-25 01:44:53 +04:00
retrieval refac 2025-05-30 01:19:56 +04:00
routers refac 2025-05-30 01:24:54 +04:00
socket refac: socket 2025-05-09 14:23:16 +04:00
static chore: removed duplicate css elements 2025-05-28 08:31:11 -04:00
storage Fix S3 allowed characters in Tags. 2025-05-23 11:09:40 +02:00
test
utils fix: ensure trusted email header matches logged-in user 2025-06-08 14:16:10 +05:30
__init__.py
alembic.ini
config.py refac: PLEASE follow existing convention 2025-05-30 00:34:18 +04:00
constants.py
env.py feat: WEBUI_AUTH_TRUSTED_GROUPS_HEADER 2025-05-24 23:17:12 +04:00
functions.py refac/fix: open webui params handling 2025-05-29 12:57:58 +04:00
main.py refac: PLEASE follow existing convention 2025-05-30 00:34:18 +04:00
tasks.py