mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-15 21:19:39 -05:00
[PR #14152] [MERGED] fix(auth): correctly use password hash when duplicate email records exist #10197
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/open-webui/open-webui/pull/14152
Author: @U8F69
Created: 5/22/2025
Status: ✅ Merged
Merged: 5/22/2025
Merged by: @tjbck
Base:
dev← Head:fix_user_auth📝 Commits (1)
dd6124afix(auth): fix invalid password use in auth📊 Changes
3 files changed (+12 additions, -4 deletions)
View changed files
📝
backend/open_webui/models/auths.py(+6 -2)📝
backend/open_webui/retrieval/web/searchapi.py(+3 -1)📝
backend/open_webui/retrieval/web/serpapi.py(+3 -1)📄 Description
Changelog Entry
Description
The Auth table may contain multiple records with the same email address, particularly if a user was deleted and then signed up again. This PR will use the user ID to select the specific Auth record, ensuring that we use the correct password hash.
Fixed
Contributor License Agreement
By submitting this pull request, I confirm that I have read and fully agree to the Contributor License Agreement (CLA), and I am providing my contributions under its terms.
🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.