From a4281f6a7fbc9764b57830e4ef81bb780aa34af9 Mon Sep 17 00:00:00 2001
From: Timothy Jaeryang Baek <tim@openwebui.com>
Date: Wed, 11 Feb 2026 18:25:37 -0600
Subject: [PATCH] refac: ldap

---
 backend/open_webui/routers/auths.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/backend/open_webui/routers/auths.py b/backend/open_webui/routers/auths.py
index 0bafc7d9e9..7f86307e80 100644
--- a/backend/open_webui/routers/auths.py
+++ b/backend/open_webui/routers/auths.py
@@ -1,3 +1,4 @@
+import asyncio
 import re
 import uuid
 import time
@@ -377,7 +378,7 @@ async def ldap_auth(
             auto_bind="NONE",
             authentication="SIMPLE" if LDAP_APP_DN else "ANONYMOUS",
         )
-        if not connection_app.bind():
+        if not await asyncio.to_thread(connection_app.bind):
             raise HTTPException(400, detail="Application account bind failed")
 
         ENABLE_LDAP_GROUP_MANAGEMENT = (
@@ -398,7 +399,8 @@ async def ldap_auth(
             )
         log.info(f"LDAP search attributes: {search_attributes}")
 
-        search_success = connection_app.search(
+        search_success = await asyncio.to_thread(
+            connection_app.search,
             search_base=LDAP_SEARCH_BASE,
             search_filter=f"(&({LDAP_ATTRIBUTE_FOR_USERNAME}={escape_filter_chars(form_data.user.lower())}){LDAP_SEARCH_FILTERS})",
             attributes=search_attributes,
@@ -502,7 +504,7 @@ async def ldap_auth(
                 auto_bind="NONE",
                 authentication="SIMPLE",
             )
-            if not connection_user.bind():
+            if not await asyncio.to_thread(connection_user.bind):
                 raise HTTPException(400, "Authentication failed.")
 
             user = Users.get_user_by_email(email, db=db)