From ee5fd1246cb3f8f16ca5cbb24feeea43b7800dcb Mon Sep 17 00:00:00 2001 From: Tim Baek Date: Sun, 1 Feb 2026 03:26:59 +0400 Subject: [PATCH] refac --- backend/open_webui/main.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/backend/open_webui/main.py b/backend/open_webui/main.py index e341248120..5ed84baf29 100644 --- a/backend/open_webui/main.py +++ b/backend/open_webui/main.py @@ -1375,6 +1375,13 @@ async def check_url(request: Request, call_next): request.state.token = get_http_authorization_cred( request.headers.get("Authorization") ) + # Fallback to cookie token for browser sessions + if request.state.token is None and request.cookies.get("token"): + from fastapi.security import HTTPAuthorizationCredentials + request.state.token = HTTPAuthorizationCredentials( + scheme="Bearer", + credentials=request.cookies.get("token") + ) request.state.enable_api_keys = app.state.config.ENABLE_API_KEYS response = await call_next(request)