From 88e8f31c0709774eae5c8d7e00612e3f725f893c Mon Sep 17 00:00:00 2001
From: "Timothy J. Baek" <timothyjrbeck@gmail.com>
Date: Wed, 8 May 2024 16:42:41 -0700
Subject: [PATCH] fix: webui_auth permission issue

---
 backend/apps/web/routers/auths.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/backend/apps/web/routers/auths.py b/backend/apps/web/routers/auths.py
index 64f41fac5..2c9620adc 100644
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@@ -131,7 +131,9 @@ async def signin(request: Request, form_data: SigninForm):
                     request,
                     SignupForm(email=admin_email, password=admin_password, name="User"),
                 )
+
             user = Auths.authenticate_user(admin_email.lower(), admin_password)
+
         else:
             user = Auths.authenticate_user(form_data.email.lower(), form_data.password)
 
@@ -161,7 +163,7 @@ async def signin(request: Request, form_data: SigninForm):
 
 @router.post("/signup", response_model=SigninResponse)
 async def signup(request: Request, form_data: SignupForm):
-    if not request.app.state.ENABLE_SIGNUP:
+    if not request.app.state.ENABLE_SIGNUP and WEBUI_AUTH:
         raise HTTPException(
             status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED
         )