github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-06 19:08:59 -05:00
Code Issues 1.3k Packages Projects Releases 126 Wiki Activity

[GH-ISSUE #19075] issue: Regular user's localStorage token vanishes when admin logs out #57429

New Issue
Closed
opened 2026-05-05 20:55:56 -05:00 by GiteaMirror · 1 comment
GiteaMirror commented 2026-05-05 20:55:56 -05:00
Owner
Copy Link

Originally created by @nigelbkk on GitHub (Nov 10, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/19075

Check Existing Issues

  • I have searched for any existing and/or related issues.
  • I have searched for any existing and/or related discussions.
  • I have also searched in the CLOSED issues AND CLOSED discussions and found no related items (your issue might already be addressed on the development branch!).
  • I am using the latest version of Open WebUI.

Installation Method

Pip Install

Open WebUI Version

0.6.38

Ollama Version (if applicable)

0.12.10

Operating System

Ubuntu 24.02

Browser (if applicable)

Chrome, Firefox

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

Log in as regular user, you should be able to select models

Actual Behavior

Log in as regular user, no models are visible
Log in as admin on another tab, both users can now select models
Log out admin
=> regular user's token disppears from local storage
=> models are still visible
=> user chat is now inactive

Steps to Reproduce

Log in as regular user, no models are visible
Log in as admin on another tab, both users can now select models
Log out admin
=> regular user's token disppears from local storage
=> models are still visible
=> user chat is now inactive

Logs & Screenshots

  • authenticate_user: nigel.hughes.x@gmail.com
    2025-11-10 13:30:48.610 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43614 - "POST /api/v1/auths/signin HTTP/1.1" 200
    2025-11-10 13:30:48.625 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43614 - "GET /api/config HTTP/1.1" 200
    2025-11-10 13:30:48.868 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43614 - "GET /api/v1/configs/banners HTTP/1.1" 200
    2025-11-10 13:30:48.883 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43628 - "GET /api/v1/users/user/settings HTTP/1.1" 200
    2025-11-10 13:30:48.887 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43624 - "GET /api/v1/tools/ HTTP/1.1" 200
    2025-11-10 13:30:48.920 | INFO | open_webui.routers.openai:get_all_models:490 - get_all_models()
    2025-11-10 13:30:48.921 | INFO | open_webui.routers.ollama:get_all_models:348 - get_all_models()
    2025-11-10 13:30:49.343 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43624 - "GET /api/models HTTP/1.1" 200
    2025-11-10 13:30:49.455 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43624 - "GET /api/v1/tools/ HTTP/1.1" 200
    2025-11-10 13:30:49.459 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43628 - "GET /api/v1/functions/ HTTP/1.1" 200
    2025-11-10 13:30:49.463 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43614 - "GET /api/v1/users/user/settings HTTP/1.1" 200

Additional Information

No response

Originally created by @nigelbkk on GitHub (Nov 10, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/19075 ### Check Existing Issues - [x] I have searched for any existing and/or related issues. - [x] I have searched for any existing and/or related discussions. - [x] I have also searched in the CLOSED issues AND CLOSED discussions and found no related items (your issue might already be addressed on the development branch!). - [x] I am using the latest version of Open WebUI. ### Installation Method Pip Install ### Open WebUI Version 0.6.38 ### Ollama Version (if applicable) 0.12.10 ### Operating System Ubuntu 24.02 ### Browser (if applicable) Chrome, Firefox ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior Log in as regular user, you should be able to select models ### Actual Behavior Log in as regular user, no models are visible Log in as admin on another tab, both users can now select models Log out admin => regular user's token disppears from local storage => models are still visible => user chat is now inactive ### Steps to Reproduce Log in as regular user, no models are visible Log in as admin on another tab, both users can now select models Log out admin => regular user's token disppears from local storage => models are still visible => user chat is now inactive ### Logs & Screenshots - authenticate_user: nigel.hughes.x@gmail.com 2025-11-10 13:30:48.610 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43614 - "POST /api/v1/auths/signin HTTP/1.1" 200 2025-11-10 13:30:48.625 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43614 - "GET /api/config HTTP/1.1" 200 2025-11-10 13:30:48.868 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43614 - "GET /api/v1/configs/banners HTTP/1.1" 200 2025-11-10 13:30:48.883 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43628 - "GET /api/v1/users/user/settings HTTP/1.1" 200 2025-11-10 13:30:48.887 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43624 - "GET /api/v1/tools/ HTTP/1.1" 200 2025-11-10 13:30:48.920 | INFO | open_webui.routers.openai:get_all_models:490 - get_all_models() 2025-11-10 13:30:48.921 | INFO | open_webui.routers.ollama:get_all_models:348 - get_all_models() 2025-11-10 13:30:49.343 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43624 - "GET /api/models HTTP/1.1" 200 2025-11-10 13:30:49.455 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43624 - "GET /api/v1/tools/ HTTP/1.1" 200 2025-11-10 13:30:49.459 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43628 - "GET /api/v1/functions/ HTTP/1.1" 200 2025-11-10 13:30:49.463 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.0.0.2:43614 - "GET /api/v1/users/user/settings HTTP/1.1" 200 ### Additional Information _No response_
GiteaMirror added the bug label 2026-05-05 20:55:56 -05:00
GiteaMirror commented 2026-05-05 20:55:58 -05:00
Author
Owner
Copy Link

@tjbck commented on GitHub (Nov 11, 2025):

Access control needs to be set for each model.

<!-- gh-comment-id:3515027238 --> @tjbck commented on GitHub (Nov 11, 2025): Access control needs to be set for each model.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#57429
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?