From 218bd7a40232e3dfb374f5e2be1a169cf5e5402f Mon Sep 17 00:00:00 2001 From: Timothy Jaeryang Baek Date: Sat, 21 Mar 2026 19:53:45 -0500 Subject: [PATCH] refac --- backend/open_webui/routers/auths.py | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/backend/open_webui/routers/auths.py b/backend/open_webui/routers/auths.py index 8cf6b6b1a5..595c990a12 100644 --- a/backend/open_webui/routers/auths.py +++ b/backend/open_webui/routers/auths.py @@ -566,22 +566,23 @@ async def signin( ) user = Auths.authenticate_user_by_email(email, db=db) - if WEBUI_AUTH_TRUSTED_GROUPS_HEADER and user: - group_names = request.headers.get(WEBUI_AUTH_TRUSTED_GROUPS_HEADER, '').split(',') - group_names = [name.strip() for name in group_names if name.strip()] + if user: + if WEBUI_AUTH_TRUSTED_GROUPS_HEADER: + group_names = request.headers.get(WEBUI_AUTH_TRUSTED_GROUPS_HEADER, '').split(',') + group_names = [name.strip() for name in group_names if name.strip()] - if group_names: - Groups.sync_groups_by_group_names(user.id, group_names, db=db) + if group_names: + Groups.sync_groups_by_group_names(user.id, group_names, db=db) - if WEBUI_AUTH_TRUSTED_ROLE_HEADER and user: - trusted_role = request.headers.get(WEBUI_AUTH_TRUSTED_ROLE_HEADER, '').lower().strip() - if trusted_role in {'admin', 'user', 'pending'}: - if user.role != trusted_role: - Users.update_user_role_by_id(user.id, trusted_role, db=db) - elif trusted_role: - log.warning( - f'Ignoring invalid trusted role header value: {trusted_role}' - ) + if WEBUI_AUTH_TRUSTED_ROLE_HEADER: + trusted_role = request.headers.get(WEBUI_AUTH_TRUSTED_ROLE_HEADER, '').lower().strip() + if trusted_role in {'admin', 'user', 'pending'}: + if user.role != trusted_role: + Users.update_user_role_by_id(user.id, trusted_role, db=db) + elif trusted_role: + log.warning( + f'Ignoring invalid trusted role header value: {trusted_role}' + ) elif WEBUI_AUTH == False: admin_email = 'admin@localhost'