From 99386bf680fc3278fd25c54ba7e02d0b50a470b3 Mon Sep 17 00:00:00 2001 From: Timothy Jaeryang Baek Date: Fri, 27 Dec 2024 00:32:25 -0800 Subject: [PATCH] fix: api key restrictions --- backend/open_webui/utils/auth.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/backend/open_webui/utils/auth.py b/backend/open_webui/utils/auth.py index b4af770d1..2c16afd76 100644 --- a/backend/open_webui/utils/auth.py +++ b/backend/open_webui/utils/auth.py @@ -96,10 +96,12 @@ def get_current_user( status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.API_KEY_NOT_ALLOWED ) - if request.app.state.ENABLE_API_KEY_ENDPOINT_RESTRICTIONS: + if request.app.state.config.ENABLE_API_KEY_ENDPOINT_RESTRICTIONS: allowed_paths = [ path.strip() - for path in str(request.app.state.API_KEY_ALLOWED_PATHS).split(",") + for path in str(request.app.state.config.API_KEY_ALLOWED_PATHS).split( + "," + ) ] if request.url.path not in allowed_paths: