github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-06 02:48:13 -05:00
Code Issues 1.1k Packages Projects Releases 126 Wiki Activity

[PR #19946] [CLOSED] feat: client-side chat encryption at rest + encrypted share links #41036

New Issue
Closed
opened 2026-04-25 13:21:45 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-04-25 13:21:45 -05:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/19946
Author: @dennishenry
Created: 12/14/2025
Status: Closed

Base: devHead: add_encrypted_chats

📝 Commits (9)

📊 Changes

99 files changed (+4736 additions, -587 deletions)

View changed files

📝 .env.example (+8 -1)
📝 backend/open_webui/env.py (+12 -0)
📝 backend/open_webui/main.py (+10 -0)
📝 backend/open_webui/models/chats.py (+120 -28)
📝 backend/open_webui/models/users.py (+3 -1)
📝 backend/open_webui/routers/auths.py (+14 -3)
📝 backend/open_webui/routers/chats.py (+102 -4)
backend/open_webui/routers/encryption.py (+28 -0)
📝 backend/open_webui/routers/users.py (+2 -0)
📝 backend/open_webui/test/apps/webui/routers/test_auths.py (+29 -15)
📝 backend/open_webui/test/apps/webui/routers/test_chats.py (+113 -2)
backend/open_webui/test/apps/webui/routers/test_encryption.py (+27 -0)
📝 backend/open_webui/test/apps/webui/routers/test_models.py (+37 -20)
📝 backend/open_webui/test/apps/webui/routers/test_prompts.py (+9 -9)
📝 backend/open_webui/test/apps/webui/routers/test_users.py (+38 -25)
📝 backend/open_webui/test/apps/webui/storage/test_provider.py (+206 -323)
backend/open_webui/test/conftest.py (+121 -0)
📝 backend/open_webui/test/util/abstract_integration_test.py (+30 -8)
📝 backend/open_webui/test/util/mock_user.py (+1 -1)
📝 backend/open_webui/test/util/test_redis.py (+4 -4)

...and 79 more files

📄 Description

Pull Request Checklist

  • Target branch: Verify that the pull request targets the dev branch. Not targeting the dev branch will lead to immediate closure of the PR.
  • Description: Provide a concise description of the changes made in this pull request down below.
  • Changelog: Ensure a changelog entry following the format of Keep a Changelog is added at the bottom of the PR description.
  • Documentation: If necessary, update relevant documentation Open WebUI Docs like environment variables, the tutorials, or other documentation sources.
  • Dependencies: Are there any new dependencies? Have you updated the dependency versions in the documentation?
  • Testing: Perform manual tests to verify the implemented fix/feature works as intended AND does not break any other functionality. Take this as an opportunity to make screenshots of the feature/fix and include it in the PR description.
  • Agentic AI Code: Confirm this Pull Request is not written by any AI Agent or has at least gone through additional human review AND manual testing. If any AI Agent is the co-author of this PR, it may lead to immediate closure of the PR.
  • Code review: Have you performed a self-review of your code, addressing any coding standard issues and ensuring adherence to the project's coding standards?
  • Title Prefix: To clearly categorize this pull request, prefix the pull request title using one of the following:
    • BREAKING CHANGE: Significant changes that may affect compatibility
    • build: Changes that affect the build system or external dependencies
    • ci: Changes to our continuous integration processes or workflows
    • chore: Refactor, cleanup, or other non-functional code changes
    • docs: Documentation update or addition
    • feat: Introduces a new feature or enhancement to the codebase
    • fix: Bug fix or error correction
    • i18n: Internationalization or localization changes
    • perf: Performance improvement
    • refactor: Code restructuring for better maintainability, readability, or scalability
    • style: Changes that do not affect the meaning of the code (white space, formatting, missing semi-colons, etc.)
    • test: Adding missing tests or correcting existing tests
    • WIP: Work in progress, a temporary label for incomplete or ongoing work

Changelog Entry

Description

Implements chat encryption wherein chat content is encrypted in the browser and stored as ciphertext on the server/database. It's important to note that prompts are still sent in plaintext to the backend for model inference.

Added

  • Add chat encryption env flags and surface them via app config + new GET /api/v1/encryption/policy endpoint:
    • WEBUI_CHAT_ENCRYPTION_DEFAULT
    • WEBUI_CHAT_ENCRYPTION_REQUIRED
    • WEBUI_CHAT_ENCRYPTION_ALLOW_LEGACY_READ
  • Introduce is_encrypted_chat() helper and treat encrypted chats as opaque server-side (no message parsing/decryption); derive title/id from meta
  • Accept { enc, meta } payloads for chat create/import/update and enforce REQUIRED mode by rejecting plaintext writes with 409; optionally block legacy reads when REQUIRED and legacy reads are disabled
  • Block server-side clone/share for encrypted chats (clear 409 responses) and extend share flow to allow client-encrypted “share packages” ({share, meta}) to be stored without server-side decryption
  • Harden auth session token handling (Authorization header or cookie) and fix password validation to use new_password
  • Improve Redis Sentinel proxy by retry-wrapping factory methods; export MAX_RETRY_COUNT for tests
  • Add WebCrypto envelope utilities (base64url, IndexedDB UMK storage + fingerprint, chat/share encrypt/decrypt, recovery key import/export)
  • Auto-initialize/lock encryption based on server policy and persist user settings (chatEncryptionEnabled, chatEncryptionUmkFingerprint)
  • Decrypt on chat load; encrypt on save via a centralized patch/persist path; add “Encrypt this chat” banner plus Settings → Data Controls toggle and bulk “Encrypt All Chats” migration with progress/cancel UX
  • Sharing now creates encrypted share packages in-browser and generates links with a fragment decryption key (/s/<id>#k=...); share page decrypts via the fragment key and provides missing/invalid-key UX; cloning encrypted shares/chats happens client-side (decrypt → clone → re-encrypt as needed)
  • Make sidebar/title/clone flows encryption-aware; add i18n strings for the new encryption + sharing UX across locales
  • Add backend integration coverage for encryption policy + encrypted chat behavior; stabilize pytest by provisioning a shared Postgres container in conftest.py (opt-out via OPEN_WEBUI_TEST_USE_EXISTING_DATABASE_URL=true)
  • Add vitest coverage for crypto helpers and UMK lifecycle including error paths

Changed

  • Refactored storage provider tests to be hermetic (mocked providers and no external emulators) and update Redis sentinel tests accordingly
  • Document feature + env vars (docs/chat-encryption.md, .env.example) and link from docs README
  • Narrow format:backend to black backend/ to avoid formatting non-backend files

Additional Information

Screenshots or Videos

  • [Attach any relevant screenshots or videos demonstrating the changes]

Contributor License Agreement

By submitting this pull request, I confirm that I have read and fully agree to the Contributor License Agreement (CLA), and I am providing my contributions under its terms.

Note

Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/19946 **Author:** [@dennishenry](https://github.com/dennishenry) **Created:** 12/14/2025 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `add_encrypted_chats` --- ### 📝 Commits (9) - [`fe6783c`](https://github.com/open-webui/open-webui/commit/fe6783c16699911c7be17392596d579333fb110c) Merge pull request #19030 from open-webui/dev - [`fc05e0a`](https://github.com/open-webui/open-webui/commit/fc05e0a6c5d39da60b603b4d520f800d6e36f748) Merge pull request #19405 from open-webui/dev - [`e3faec6`](https://github.com/open-webui/open-webui/commit/e3faec62c58e3a83d89aa3df539feacefa125e0c) Merge pull request #19416 from open-webui/dev - [`9899293`](https://github.com/open-webui/open-webui/commit/9899293f050ad50ae12024cbebee7e018acd851e) Merge pull request #19448 from open-webui/dev - [`140605e`](https://github.com/open-webui/open-webui/commit/140605e660b8186a7d5c79fb3be6ffb147a2f498) Merge pull request #19462 from open-webui/dev - [`6f1486f`](https://github.com/open-webui/open-webui/commit/6f1486ffd0cb288d0e21f41845361924e0d742b3) Merge pull request #19466 from open-webui/dev - [`84e10f9`](https://github.com/open-webui/open-webui/commit/84e10f9e62539bcc47d96cc0f86be805581992f1) feat: client-side chat encryption at rest + encrypted share links - [`4b4cca0`](https://github.com/open-webui/open-webui/commit/4b4cca06410825db9d79997127edbb884bb3eb64) Merge branch 'dev' into add_encrypted_chats - [`d66a7e9`](https://github.com/open-webui/open-webui/commit/d66a7e9f4762d5f9ba393e03c1d69f2f940e0176) Update README.md ### 📊 Changes **99 files changed** (+4736 additions, -587 deletions) <details> <summary>View changed files</summary> 📝 `.env.example` (+8 -1) 📝 `backend/open_webui/env.py` (+12 -0) 📝 `backend/open_webui/main.py` (+10 -0) 📝 `backend/open_webui/models/chats.py` (+120 -28) 📝 `backend/open_webui/models/users.py` (+3 -1) 📝 `backend/open_webui/routers/auths.py` (+14 -3) 📝 `backend/open_webui/routers/chats.py` (+102 -4) ➕ `backend/open_webui/routers/encryption.py` (+28 -0) 📝 `backend/open_webui/routers/users.py` (+2 -0) 📝 `backend/open_webui/test/apps/webui/routers/test_auths.py` (+29 -15) 📝 `backend/open_webui/test/apps/webui/routers/test_chats.py` (+113 -2) ➕ `backend/open_webui/test/apps/webui/routers/test_encryption.py` (+27 -0) 📝 `backend/open_webui/test/apps/webui/routers/test_models.py` (+37 -20) 📝 `backend/open_webui/test/apps/webui/routers/test_prompts.py` (+9 -9) 📝 `backend/open_webui/test/apps/webui/routers/test_users.py` (+38 -25) 📝 `backend/open_webui/test/apps/webui/storage/test_provider.py` (+206 -323) ➕ `backend/open_webui/test/conftest.py` (+121 -0) 📝 `backend/open_webui/test/util/abstract_integration_test.py` (+30 -8) 📝 `backend/open_webui/test/util/mock_user.py` (+1 -1) 📝 `backend/open_webui/test/util/test_redis.py` (+4 -4) _...and 79 more files_ </details> ### 📄 Description # Pull Request Checklist - [x] **Target branch:** Verify that the pull request targets the `dev` branch. **Not targeting the `dev` branch will lead to immediate closure of the PR.** - [x] **Description:** Provide a concise description of the changes made in this pull request down below. - [x] **Changelog:** Ensure a changelog entry following the format of [Keep a Changelog](https://keepachangelog.com/) is added at the bottom of the PR description. - [x] **Documentation:** If necessary, update relevant documentation [Open WebUI Docs](https://github.com/open-webui/docs) like environment variables, the tutorials, or other documentation sources. - [x] **Dependencies:** Are there any new dependencies? Have you updated the dependency versions in the documentation? - [x] **Testing:** Perform manual tests to **verify the implemented fix/feature works as intended AND does not break any other functionality**. Take this as an opportunity to **make screenshots of the feature/fix and include it in the PR description**. - [x] **Agentic AI Code:** Confirm this Pull Request is **not written by any AI Agent** or has at least **gone through additional human review AND manual testing**. If any AI Agent is the co-author of this PR, it may lead to immediate closure of the PR. - [x] **Code review:** Have you performed a self-review of your code, addressing any coding standard issues and ensuring adherence to the project's coding standards? - [x] **Title Prefix:** To clearly categorize this pull request, prefix the pull request title using one of the following: - **BREAKING CHANGE**: Significant changes that may affect compatibility - **build**: Changes that affect the build system or external dependencies - **ci**: Changes to our continuous integration processes or workflows - **chore**: Refactor, cleanup, or other non-functional code changes - **docs**: Documentation update or addition - **feat**: Introduces a new feature or enhancement to the codebase - **fix**: Bug fix or error correction - **i18n**: Internationalization or localization changes - **perf**: Performance improvement - **refactor**: Code restructuring for better maintainability, readability, or scalability - **style**: Changes that do not affect the meaning of the code (white space, formatting, missing semi-colons, etc.) - **test**: Adding missing tests or correcting existing tests - **WIP**: Work in progress, a temporary label for incomplete or ongoing work # Changelog Entry ### Description Implements chat encryption wherein chat content is encrypted in the browser and stored as ciphertext on the server/database. It's important to note that prompts are still sent in plaintext to the backend for model inference. ### Added - Add chat encryption env flags and surface them via app config + new `GET /api/v1/encryption/policy` endpoint: - `WEBUI_CHAT_ENCRYPTION_DEFAULT` - `WEBUI_CHAT_ENCRYPTION_REQUIRED` - `WEBUI_CHAT_ENCRYPTION_ALLOW_LEGACY_READ` - Introduce `is_encrypted_chat()` helper and treat encrypted chats as opaque server-side (no message parsing/decryption); derive title/id from `meta` - Accept `{ enc, meta }` payloads for chat create/import/update and enforce REQUIRED mode by rejecting plaintext writes with 409; optionally block legacy reads when REQUIRED and legacy reads are disabled - Block server-side clone/share for encrypted chats (clear 409 responses) and extend share flow to allow client-encrypted “share packages” (`{share, meta}`) to be stored without server-side decryption - Harden auth session token handling (Authorization header or cookie) and fix password validation to use `new_password` - Improve Redis Sentinel proxy by retry-wrapping factory methods; export `MAX_RETRY_COUNT` for tests - Add WebCrypto envelope utilities (base64url, IndexedDB UMK storage + fingerprint, chat/share encrypt/decrypt, recovery key import/export) - Auto-initialize/lock encryption based on server policy and persist user settings (`chatEncryptionEnabled`, `chatEncryptionUmkFingerprint`) - Decrypt on chat load; encrypt on save via a centralized patch/persist path; add “Encrypt this chat” banner plus Settings → Data Controls toggle and bulk “Encrypt All Chats” migration with progress/cancel UX - Sharing now creates encrypted share packages in-browser and generates links with a fragment decryption key (`/s/<id>#k=...`); share page decrypts via the fragment key and provides missing/invalid-key UX; cloning encrypted shares/chats happens client-side (decrypt → clone → re-encrypt as needed) - Make sidebar/title/clone flows encryption-aware; add i18n strings for the new encryption + sharing UX across locales - Add backend integration coverage for encryption policy + encrypted chat behavior; stabilize pytest by provisioning a shared Postgres container in `conftest.py` (opt-out via `OPEN_WEBUI_TEST_USE_EXISTING_DATABASE_URL=true`) - Add vitest coverage for crypto helpers and UMK lifecycle including error paths ### Changed - Refactored storage provider tests to be hermetic (mocked providers and no external emulators) and update Redis sentinel tests accordingly - Document feature + env vars (`docs/chat-encryption.md`, `.env.example`) and link from docs README - Narrow `format:backend` to `black backend/` to avoid formatting non-backend files --- ### Additional Information - https://github.com/open-webui/open-webui/discussions/9826 ### Screenshots or Videos - [Attach any relevant screenshots or videos demonstrating the changes] ### Contributor License Agreement By submitting this pull request, I confirm that I have read and fully agree to the [Contributor License Agreement (CLA)](https://github.com/open-webui/open-webui/blob/main/CONTRIBUTOR_LICENSE_AGREEMENT), and I am providing my contributions under its terms. > [!NOTE] > Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-04-25 13:21:45 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#41036
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?