refac

2025-12-15 19:37:47 +01:00 · 2025-09-08 18:17:11 +04:00
parent 7693d0e2b0
commit fc11e4384f
3 changed files with 7 additions and 2 deletions
--- a/backend/open_webui/routers/auths.py
+++ b/backend/open_webui/routers/auths.py
@@ -677,6 +677,7 @@ async def signup(request: Request, response: Response, form_data: SignupForm):
 async def signout(request: Request, response: Response):
    response.delete_cookie("token")
    response.delete_cookie("oui-session")
+    response.delete_cookie("oauth_id_token")

    oauth_session_id = request.cookies.get("oauth_session_id")
    if oauth_session_id:
--- a/backend/open_webui/utils/auth.py
+++ b/backend/open_webui/utils/auth.py
@@ -313,6 +313,10 @@ def get_current_user(
        # Delete the token cookie
        if request.cookies.get("token"):
            response.delete_cookie("token")
+
+        if request.cookies.get("oauth_id_token"):
+            response.delete_cookie("oauth_id_token")
+
        # Delete OAuth session if present
        if request.cookies.get("oauth_session_id"):
            response.delete_cookie("oauth_session_id")
--- a/backend/open_webui/utils/oauth.py
+++ b/backend/open_webui/utils/oauth.py
@@ -824,7 +824,7 @@ class OAuthManager:
            if "expires_in" in token and "expires_at" not in token:
                token["expires_at"] = datetime.now().timestamp() + token["expires_in"]

-            session_id = await OAuthSessions.create_session(
+            session = OAuthSessions.create_session(
                user_id=user.id,
                provider=provider,
                token=token,
@@ -832,7 +832,7 @@ class OAuthManager:

            response.set_cookie(
                key="oauth_session_id",
-                value=session_id,
+                value=session.id,
                httponly=True,
                samesite=WEBUI_AUTH_COOKIE_SAME_SITE,
                secure=WEBUI_AUTH_COOKIE_SECURE,