From 1c2aa107965d973ab27d63145b4d22e49ae8aaec Mon Sep 17 00:00:00 2001
From: "Timothy J. Baek" <timothyjrbeck@gmail.com>
Date: Wed, 8 May 2024 16:33:34 -0700
Subject: [PATCH 1/2] refac: disable enable_signup if webui_auth false

---
 backend/config.py | 38 ++++++++++++++++++++++----------------
 1 file changed, 22 insertions(+), 16 deletions(-)

diff --git a/backend/config.py b/backend/config.py
index 82a171531..5c6247a9f 100644
--- a/backend/config.py
+++ b/backend/config.py
@@ -154,6 +154,23 @@ for version in soup.find_all("h2"):
 
 CHANGELOG = changelog_json
 
+
+####################################
+# WEBUI_VERSION
+####################################
+
+WEBUI_VERSION = os.environ.get("WEBUI_VERSION", "v1.0.0-alpha.100")
+
+####################################
+# WEBUI_AUTH (Required for security)
+####################################
+
+WEBUI_AUTH = os.environ.get("WEBUI_AUTH", "True").lower() == "true"
+WEBUI_AUTH_TRUSTED_EMAIL_HEADER = os.environ.get(
+    "WEBUI_AUTH_TRUSTED_EMAIL_HEADER", None
+)
+
+
 ####################################
 # DATA/FRONTEND BUILD DIR
 ####################################
@@ -346,7 +363,11 @@ OPENAI_API_BASE_URL = "https://api.openai.com/v1"
 # WEBUI
 ####################################
 
-ENABLE_SIGNUP = os.environ.get("ENABLE_SIGNUP", "True").lower() == "true"
+ENABLE_SIGNUP = (
+    False
+    if WEBUI_AUTH == False
+    else os.environ.get("ENABLE_SIGNUP", "True").lower() == "true"
+)
 DEFAULT_MODELS = os.environ.get("DEFAULT_MODELS", None)
 
 
@@ -403,21 +424,6 @@ WEBHOOK_URL = os.environ.get("WEBHOOK_URL", "")
 
 ENABLE_ADMIN_EXPORT = os.environ.get("ENABLE_ADMIN_EXPORT", "True").lower() == "true"
 
-####################################
-# WEBUI_VERSION
-####################################
-
-WEBUI_VERSION = os.environ.get("WEBUI_VERSION", "v1.0.0-alpha.100")
-
-####################################
-# WEBUI_AUTH (Required for security)
-####################################
-
-WEBUI_AUTH = os.environ.get("WEBUI_AUTH", "True").lower() == "true"
-WEBUI_AUTH_TRUSTED_EMAIL_HEADER = os.environ.get(
-    "WEBUI_AUTH_TRUSTED_EMAIL_HEADER", None
-)
-
 ####################################
 # WEBUI_SECRET_KEY
 ####################################

From 88e8f31c0709774eae5c8d7e00612e3f725f893c Mon Sep 17 00:00:00 2001
From: "Timothy J. Baek" <timothyjrbeck@gmail.com>
Date: Wed, 8 May 2024 16:42:41 -0700
Subject: [PATCH 2/2] fix: webui_auth permission issue

---
 backend/apps/web/routers/auths.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/backend/apps/web/routers/auths.py b/backend/apps/web/routers/auths.py
index 64f41fac5..2c9620adc 100644
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@@ -131,7 +131,9 @@ async def signin(request: Request, form_data: SigninForm):
                     request,
                     SignupForm(email=admin_email, password=admin_password, name="User"),
                 )
+
             user = Auths.authenticate_user(admin_email.lower(), admin_password)
+
         else:
             user = Auths.authenticate_user(form_data.email.lower(), form_data.password)
 
@@ -161,7 +163,7 @@ async def signin(request: Request, form_data: SigninForm):
 
 @router.post("/signup", response_model=SigninResponse)
 async def signup(request: Request, form_data: SignupForm):
-    if not request.app.state.ENABLE_SIGNUP:
+    if not request.app.state.ENABLE_SIGNUP and WEBUI_AUTH:
         raise HTTPException(
             status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED
         )