From 9126ceac0816c0ef946bce0bacc896b95508b3f4 Mon Sep 17 00:00:00 2001 From: "Timothy J. Baek" Date: Sat, 21 Sep 2024 15:33:34 +0200 Subject: [PATCH 1/2] fix: WEBUI_AUTH=False not working issue --- .../open_webui/apps/webui/routers/auths.py | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/backend/open_webui/apps/webui/routers/auths.py b/backend/open_webui/apps/webui/routers/auths.py index bfa460836..68fa6c351 100644 --- a/backend/open_webui/apps/webui/routers/auths.py +++ b/backend/open_webui/apps/webui/routers/auths.py @@ -188,14 +188,19 @@ async def signin(request: Request, response: Response, form_data: SigninForm): @router.post("/signup", response_model=SigninResponse) async def signup(request: Request, response: Response, form_data: SignupForm): - if ( - not request.app.state.config.ENABLE_SIGNUP - or not request.app.state.config.ENABLE_LOGIN_FORM - or not WEBUI_AUTH - ): - raise HTTPException( - status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED - ) + if not WEBUI_AUTH: + if Users.get_num_users() != 0: + raise HTTPException( + status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED + ) + else: + if ( + not request.app.state.config.ENABLE_SIGNUP + or not request.app.state.config.ENABLE_LOGIN_FORM + ): + raise HTTPException( + status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED + ) if not validate_email_format(form_data.email.lower()): raise HTTPException( From 00f6b4bf0920d949eb17a2b9f86500af77fdd4e6 Mon Sep 17 00:00:00 2001 From: "Timothy J. Baek" Date: Sat, 21 Sep 2024 15:35:35 +0200 Subject: [PATCH 2/2] refac --- backend/open_webui/apps/webui/routers/auths.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/backend/open_webui/apps/webui/routers/auths.py b/backend/open_webui/apps/webui/routers/auths.py index 68fa6c351..563fc145f 100644 --- a/backend/open_webui/apps/webui/routers/auths.py +++ b/backend/open_webui/apps/webui/routers/auths.py @@ -188,12 +188,7 @@ async def signin(request: Request, response: Response, form_data: SigninForm): @router.post("/signup", response_model=SigninResponse) async def signup(request: Request, response: Response, form_data: SignupForm): - if not WEBUI_AUTH: - if Users.get_num_users() != 0: - raise HTTPException( - status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED - ) - else: + if WEBUI_AUTH: if ( not request.app.state.config.ENABLE_SIGNUP or not request.app.state.config.ENABLE_LOGIN_FORM @@ -201,6 +196,11 @@ async def signup(request: Request, response: Response, form_data: SignupForm): raise HTTPException( status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED ) + else: + if Users.get_num_users() != 0: + raise HTTPException( + status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED + ) if not validate_email_format(form_data.email.lower()): raise HTTPException(