From f4a1d99f001bf9b3ebe7f5d1b37ec5aa0fc304a7 Mon Sep 17 00:00:00 2001 From: Timothy Jaeryang Baek Date: Mon, 23 Feb 2026 12:52:46 -0600 Subject: [PATCH] refac --- backend/open_webui/models/oauth_sessions.py | 1 + backend/open_webui/utils/oauth.py | 25 ++++++++++++--------- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/backend/open_webui/models/oauth_sessions.py b/backend/open_webui/models/oauth_sessions.py index fbcd763f34..68b2eeb0f5 100644 --- a/backend/open_webui/models/oauth_sessions.py +++ b/backend/open_webui/models/oauth_sessions.py @@ -135,6 +135,7 @@ class OAuthSessionTable: db.refresh(result) if result: + db.expunge(result) # Detach so dict swap is never flushed result.token = token # Return decrypted token return OAuthSessionModel.model_validate(result) else: diff --git a/backend/open_webui/utils/oauth.py b/backend/open_webui/utils/oauth.py index b23c5c90a3..6e59317f88 100644 --- a/backend/open_webui/utils/oauth.py +++ b/backend/open_webui/utils/oauth.py @@ -1706,17 +1706,22 @@ class OAuthManager: db=db, ) - response.set_cookie( - key="oauth_session_id", - value=session.id, - httponly=True, - samesite=WEBUI_AUTH_COOKIE_SAME_SITE, - secure=WEBUI_AUTH_COOKIE_SECURE, - ) + if session: + response.set_cookie( + key="oauth_session_id", + value=session.id, + httponly=True, + samesite=WEBUI_AUTH_COOKIE_SAME_SITE, + secure=WEBUI_AUTH_COOKIE_SECURE, + ) - log.info( - f"Stored OAuth session server-side for user {user.id}, provider {provider}" - ) + log.info( + f"Stored OAuth session server-side for user {user.id}, provider {provider}" + ) + else: + log.warning( + f"Failed to create OAuth session for user {user.id}, provider {provider}" + ) except Exception as e: log.error(f"Failed to store OAuth session server-side: {e}")