From eab30781e0e02033c66df1f659118204ab3bbc98 Mon Sep 17 00:00:00 2001 From: Hugo Haldi <20846785+HaldiH@users.noreply.github.com> Date: Fri, 27 Sep 2024 20:04:45 +0200 Subject: [PATCH] Chat completion 401 when no Authorization header When we send a request to `/api/chat/completions` without the `Authorization` header, the server just crashes and creates a stack trace, returning "Internal Server Error" to the calling client. With this fix, the server sends a 401 to the client with the content `{"detail": "Not authenticated"}`. --- backend/open_webui/main.py | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/backend/open_webui/main.py b/backend/open_webui/main.py index 4af48906b..9c075f367 100644 --- a/backend/open_webui/main.py +++ b/backend/open_webui/main.py @@ -761,10 +761,22 @@ class PipelineMiddleware(BaseHTTPMiddleware): # Parse string to JSON data = json.loads(body_str) if body_str else {} - user = get_current_user( - request, - get_http_authorization_cred(request.headers["Authorization"]), - ) + try: + user = get_current_user( + request, + get_http_authorization_cred(request.headers["Authorization"]), + ) + except KeyError as e: + if len(e.args) > 1: + return JSONResponse( + status_code=e.args[0], + content={"detail": e.args[1]}, + ) + else: + return JSONResponse( + status_code=status.HTTP_401_UNAUTHORIZED, + content={"detail": "Not authenticated"}, + ) try: data = filter_pipeline(data, user)