From d67f3d982b3548cabb5f3fbf379927f596c03976 Mon Sep 17 00:00:00 2001
From: Tim Farrell <tim@thecookiejar.me>
Date: Thu, 1 Feb 2024 13:40:59 -0600
Subject: [PATCH] Start by renaming variables to something more generic. This
 will give us a bit more flexibility as we look to other session management
 mechanisms.

---
 Dockerfile             | 2 +-
 backend/config.py      | 9 ++++++---
 backend/utils/utils.py | 6 +++---
 docker-compose.yaml    | 1 +
 4 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 3d4e380a6..d292716b8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,7 +25,7 @@ ENV OLLAMA_API_BASE_URL "/ollama/api"
 ENV OPENAI_API_BASE_URL ""
 ENV OPENAI_API_KEY ""
 
-ENV WEBUI_JWT_SECRET_KEY "SECRET_KEY"
+ENV WEBUI_SECRET_KEY ""
 
 WORKDIR /app/backend
 
diff --git a/backend/config.py b/backend/config.py
index 05733f885..18e0824d8 100644
--- a/backend/config.py
+++ b/backend/config.py
@@ -98,12 +98,15 @@ WEBUI_VERSION = os.environ.get("WEBUI_VERSION", "v1.0.0-alpha.61")
 WEBUI_AUTH = True
 
 ####################################
-# WEBUI_JWT_SECRET_KEY
+# WEBUI_SECRET_KEY
 ####################################
 
-WEBUI_JWT_SECRET_KEY = os.environ.get("WEBUI_JWT_SECRET_KEY", "t0p-s3cr3t")
+WEBUI_SECRET_KEY = os.environ.get(
+    "WEBUI_SECRET_KEY",
+    os.environ.get("WEBUI_JWT_SECRET_KEY", "t0p-s3cr3t")  # DEPRECATED: remove at next major version
+)
 
-if WEBUI_AUTH and WEBUI_JWT_SECRET_KEY == "":
+if WEBUI_AUTH and WEBUI_SECRET_KEY == "":
     raise ValueError(ERROR_MESSAGES.ENV_VAR_NOT_FOUND)
 
 ####################################
diff --git a/backend/utils/utils.py b/backend/utils/utils.py
index be500ce3b..768a2ebf1 100644
--- a/backend/utils/utils.py
+++ b/backend/utils/utils.py
@@ -14,7 +14,7 @@ import config
 logging.getLogger("passlib").setLevel(logging.ERROR)
 
 
-JWT_SECRET_KEY = config.WEBUI_JWT_SECRET_KEY
+SESSION_SECRET = config.WEBUI_SECRET_KEY
 ALGORITHM = "HS256"
 
 ##############
@@ -42,13 +42,13 @@ def create_token(data: dict, expires_delta: Union[timedelta, None] = None) -> st
         expire = datetime.utcnow() + expires_delta
         payload.update({"exp": expire})
 
-    encoded_jwt = jwt.encode(payload, JWT_SECRET_KEY, algorithm=ALGORITHM)
+    encoded_jwt = jwt.encode(payload, SESSION_SECRET, algorithm=ALGORITHM)
     return encoded_jwt
 
 
 def decode_token(token: str) -> Optional[dict]:
     try:
-        decoded = jwt.decode(token, JWT_SECRET_KEY, options={"verify_signature": False})
+        decoded = jwt.decode(token, SESSION_SECRET, options={"verify_signature": False})
         return decoded
     except Exception as e:
         return None
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 7cd1bde0c..eb0a8a90b 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -26,6 +26,7 @@ services:
       - ${OLLAMA_WEBUI_PORT-3000}:8080
     environment:
       - 'OLLAMA_API_BASE_URL=http://ollama:11434/api'
+      - 'WEBUI_SECRET_KEY='
     extra_hosts:
       - host.docker.internal:host-gateway
     restart: unless-stopped