UniqAI/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui synced 2025-01-31 23:08:59 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
412923dc91
open-webui/backend/open_webui/utils
History
Antti Pyykkönen 412923dc91 feat: separate cookie settings between session & auth cookies 
Introducing two new env config options to control cookies settings regarding
authentication. These values are taken into use when setting 'token' and 'oauth_id_token'.
To maintain backwards compatibility, the original session cookie values are used as
fallback.

Separation is done to prevent issues with the session cookie. When the config value was
set as 'strict', the oauth flow was broken (since the session cookie was not provided
after the callback).

Providing a separate config for auth & session cookies allows us to keep the 'strict'
settings for auth related cookies, while also allowing the session cookie to behave as
intended (e.g., by configuring it as 'lax').

The original config was added in commit #af4f8aa. However a later commit #a2e889c reused
this config option for other type of cookies, which was not the original intent.
2025-01-23 16:16:50 +02:00
..
images
access_control.py
auth.py
chat.py
middleware.py refac 2025-01-22 12:49:29 -08:00
misc.py
models.py
oauth.py feat: separate cookie settings between session & auth cookies 2025-01-23 16:16:50 +02:00
payload.py enh: reasoning_effort param support for openai 2025-01-22 12:07:04 -08:00
pdf_generator.py
plugin.py
response.py
security_headers.py
task.py
tools.py
webhook.py