github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-06 10:58:17 -05:00
Code Issues 1.2k Packages Projects Releases 126 Wiki Activity

[GH-ISSUE #3793] 0.3.8 break trusted header auth #13386

New Issue
Closed
opened 2026-04-19 20:08:51 -05:00 by GiteaMirror · 1 comment
GiteaMirror commented 2026-04-19 20:08:51 -05:00
Owner
Copy Link

Originally created by @chain710 on GitHub (Jul 11, 2024).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/3793

Bug Report

Description

Bug Summary:

0.3.8 break trusted header auth

I have nginx with Authelia handling user authentication, where nginx passes the validated user email as Remote-Email to access the Open webui. Everything was working fine until I upgraded Open webui to version 0.3.8 today.

Reverting back to version 0.3.7 temporarily resolved the issue.

Steps to Reproduce:

upgrade to 0.3.8

env

    environment:
      - ENABLE_SIGNUP=False
      - WEBUI_AUTH_TRUSTED_EMAIL_HEADER=Remote-Email

Expected Behavior:

Should auto login

Actual Behavior:

Login failed with error: "The email or password provided is incorrect. Please check for typos and try logging in again."

Environment

  • **Open WebUI Version: 0.3.8

  • **Ollama (if applicable): not relevant

  • **Operating System: windows 11

  • **Browser (if applicable): Chrome 126

Reproduction Details

Confirmation:

  • I have read and followed all the instructions provided in the README.md.
  • I am on the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.

Logs and Screenshots

Browser Console Logs:

{
    "status": true,
    "name": "Open WebUI",
    "version": "0.3.8",
    "default_locale": "",
    "default_models": "gpt-3.5-turbo",
    "default_prompt_suggestions": [
        {
            "title": [
                "Help me study",
                "vocabulary for a college entrance exam"
            ],
            "content": "Help me study vocabulary: write a sentence for me to fill in the blank, and I'll try to pick the correct option."
        },
        {
            "title": [
                "Give me ideas",
                "for what to do with my kids' art"
            ],
            "content": "What are 5 creative things I could do with my kids' art? I don't want to throw them away, but it's also so much clutter."
        },
        {
            "title": [
                "Tell me a fun fact",
                "about the Roman Empire"
            ],
            "content": "Tell me a random fun fact about the Roman Empire"
        },
        {
            "title": [
                "Show me a code snippet",
                "of a website's sticky header"
            ],
            "content": "Show me a code snippet of a website's sticky header in CSS and JavaScript."
        },
        {
            "title": [
                "Explain options trading",
                "if I'm familiar with buying and selling stocks"
            ],
            "content": "Explain options trading in simple terms if I'm familiar with buying and selling stocks."
        },
        {
            "title": [
                "Overcome procrastination",
                "give me tips"
            ],
            "content": "Could you start by asking me about instances when I procrastinate the most and then give me some suggestions to overcome it?"
        }
    ],
    "features": {
        "auth": true,
        "auth_trusted_header": true,
        "enable_signup": false,
        "enable_web_search": true,
        "enable_image_generation": true,
        "enable_community_sharing": false,
        "enable_admin_export": true
    },
    "audio": {
        "tts": {
            "engine": "openai",
            "voice": "alloy"
        },
        "stt": {
            "engine": "openai"
        }
    },
    "oauth": {
        "providers": {}
    }
}

index.ts:116  POST https://xxxx/api/v1/auths/signin 400 (Bad Request)
{
    "detail": "The email or password provided is incorrect. Please check for typos and try logging in again."
}

Docker Container Logs:
No relevant log

Screenshots (if applicable):

image

Installation Method

Docker compose

  open-webui:
    image: ghcr.io/open-webui/open-webui:0.3.7
    container_name: open-webui
    ports:
      - 8080:8080
    environment:
      - OLLAMA_BASE_URL=http://xxx
      - OPENAI_API_BASE_URL=https://xxx
      - OPENAI_API_KEY=xxx
      - ENABLE_MODEL_FILTER=True
      - MODEL_FILTER_LIST="xxx"
      - ENABLE_SIGNUP=False
      - WEBUI_AUTH_TRUSTED_EMAIL_HEADER=Remote-Email
    volumes:
      - ${DATA_ROOT}/open-webui/data:/app/backend/data
    restart: unless-stopped
Originally created by @chain710 on GitHub (Jul 11, 2024). Original GitHub issue: https://github.com/open-webui/open-webui/issues/3793 # Bug Report ## Description **Bug Summary:** 0.3.8 break trusted header auth I have nginx with Authelia handling user authentication, where nginx passes the validated user email as Remote-Email to access the Open webui. Everything was working fine until I upgraded Open webui to version 0.3.8 today. Reverting back to version 0.3.7 temporarily resolved the issue. **Steps to Reproduce:** upgrade to 0.3.8 env ``` environment: - ENABLE_SIGNUP=False - WEBUI_AUTH_TRUSTED_EMAIL_HEADER=Remote-Email ``` **Expected Behavior:** Should auto login **Actual Behavior:** Login failed with error: "The email or password provided is incorrect. Please check for typos and try logging in again." ## Environment - **Open WebUI Version: 0.3.8 - **Ollama (if applicable): not relevant - **Operating System: windows 11 - **Browser (if applicable): Chrome 126 ## Reproduction Details **Confirmation:** - [x] I have read and followed all the instructions provided in the README.md. - [x] I am on the latest version of both Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. ## Logs and Screenshots **Browser Console Logs:** ``` { "status": true, "name": "Open WebUI", "version": "0.3.8", "default_locale": "", "default_models": "gpt-3.5-turbo", "default_prompt_suggestions": [ { "title": [ "Help me study", "vocabulary for a college entrance exam" ], "content": "Help me study vocabulary: write a sentence for me to fill in the blank, and I'll try to pick the correct option." }, { "title": [ "Give me ideas", "for what to do with my kids' art" ], "content": "What are 5 creative things I could do with my kids' art? I don't want to throw them away, but it's also so much clutter." }, { "title": [ "Tell me a fun fact", "about the Roman Empire" ], "content": "Tell me a random fun fact about the Roman Empire" }, { "title": [ "Show me a code snippet", "of a website's sticky header" ], "content": "Show me a code snippet of a website's sticky header in CSS and JavaScript." }, { "title": [ "Explain options trading", "if I'm familiar with buying and selling stocks" ], "content": "Explain options trading in simple terms if I'm familiar with buying and selling stocks." }, { "title": [ "Overcome procrastination", "give me tips" ], "content": "Could you start by asking me about instances when I procrastinate the most and then give me some suggestions to overcome it?" } ], "features": { "auth": true, "auth_trusted_header": true, "enable_signup": false, "enable_web_search": true, "enable_image_generation": true, "enable_community_sharing": false, "enable_admin_export": true }, "audio": { "tts": { "engine": "openai", "voice": "alloy" }, "stt": { "engine": "openai" } }, "oauth": { "providers": {} } } index.ts:116 POST https://xxxx/api/v1/auths/signin 400 (Bad Request) { "detail": "The email or password provided is incorrect. Please check for typos and try logging in again." } ``` **Docker Container Logs:** No relevant log **Screenshots (if applicable):** ![image](https://github.com/open-webui/open-webui/assets/486539/18f6bfad-482a-4bf8-bd76-ea0c68f78da0) ## Installation Method Docker compose ``` open-webui: image: ghcr.io/open-webui/open-webui:0.3.7 container_name: open-webui ports: - 8080:8080 environment: - OLLAMA_BASE_URL=http://xxx - OPENAI_API_BASE_URL=https://xxx - OPENAI_API_KEY=xxx - ENABLE_MODEL_FILTER=True - MODEL_FILTER_LIST="xxx" - ENABLE_SIGNUP=False - WEBUI_AUTH_TRUSTED_EMAIL_HEADER=Remote-Email volumes: - ${DATA_ROOT}/open-webui/data:/app/backend/data restart: unless-stopped ```
GiteaMirror commented 2026-04-19 20:08:52 -05:00
Author
Owner
Copy Link

@tjbck commented on GitHub (Jul 11, 2024):

Fixed with the latest! https://github.com/open-webui/open-webui/issues/3757

<!-- gh-comment-id:2223498710 --> @tjbck commented on GitHub (Jul 11, 2024): Fixed with the latest! https://github.com/open-webui/open-webui/issues/3757
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#13386
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?