mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-16 23:21:44 -05:00
[PR #7162] [MERGED] LDAP auth fixes: do not store LDAP password, use default user role on first auth, allow ldap only form. #109331
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/open-webui/open-webui/pull/7162
Author: @morgan55555
Created: 11/21/2024
Status: ✅ Merged
Merged: 11/21/2024
Merged by: @tjbck
Base:
dev← Head:dev📝 Commits (2)
b1237cfFixed security vulnerability: now LDAP password hashes are not stored, same as trusted header auth.b9e637eNow ENABLE_LOGIN_FORM=False disabling only email form.📊 Changes
2 files changed (+21 additions, -8 deletions)
View changed files
📝
backend/open_webui/apps/webui/routers/auths.py(+14 -4)📝
src/routes/auth/+page.svelte(+7 -4)📄 Description
Pull Request Checklist
Note to first-time contributors: Please open a discussion post in Discussions and describe your changes before submitting a pull request.
Before submitting, make sure you've checked the following:
devbranch.Changelog Entry
Description
This also fixing login after LDAP password was changed.
If you need both LDAP and e-mail authorizations: register e-mail first or set password in user settings after LDAP first login.
Added
Changed
Fixed
Security
🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.