highperfocused/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-10-10 21:03:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

enh: configurable api key endpoint restrictions

Browse Source
This commit is contained in:
Timothy Jaeryang Baek
2024-12-26 20:57:51 -08:00
parent 611955bc91
commit 1e974439d9
5 changed files with 67 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
backend/open_webui/utils/auth.py
View File

@@ -96,11 +96,13 @@ def get_current_user(
status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.API_KEY_NOT_ALLOWED
)
allowed_paths = ["/api/models", "/api/chat/completions"]
if request.url.path not in allowed_paths:
raise HTTPException(
status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.API_KEY_NOT_ALLOWED
)
if request.app.state.ENABLE_API_KEY_ENDPOINT_RESTRICTIONS:
allowed_paths = str(request.app.state.API_KEY_ALLOWED_ENDPOINTS).split(",")
if request.url.path not in allowed_paths:
raise HTTPException(
status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.API_KEY_NOT_ALLOWED
)
return get_current_user_by_api_key(token)