11 tháng trước cách đây · 01472c071b
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@@ -33,7 +33,7 @@ from utils.utils import (
 
				 from utils.misc import parse_duration, validate_email_format
			
 
				 from utils.webhook import post_webhook
			
 
				 from constants import ERROR_MESSAGES, WEBHOOK_MESSAGES
			
 
				-from config import WEBUI_AUTH_TRUSTED_EMAIL_HEADER
			
 
				+from config import WEBUI_AUTH, WEBUI_AUTH_TRUSTED_EMAIL_HEADER
			
 
				 
			
 
				 router = APIRouter()
			
 
				 
			
@@ -118,6 +118,19 @@ async def signin(request: Request, form_data: SigninForm):
 
				                 ),
			
 
				             )
			
 
				         user = Auths.authenticate_user_by_trusted_header(trusted_email)
			
 
				+
			
 
				+    if WEBUI_AUTH == False:
			
 
				+        admin_email = "admin@localhost"
			
 
				+        admin_password = "admin"
			
 
				+
			
 
				+        if Users.get_num_users() == 0 and not Users.get_user_by_email(
			
 
				+            admin_email.lower()
			
 
				+        ):
			
 
				+            await signup(
			
 
				+                request,
			
 
				+                SignupForm(email=admin_email, password=admin_password, name="User"),
			
 
				+            )
			
 
				+        user = Auths.authenticate_user(admin_email.lower(), admin_password)
			
 
				     else:
			
 
				         user = Auths.authenticate_user(form_data.email.lower(), form_data.password)
			
 
				 
			
--- a/backend/config.py
+++ b/backend/config.py
@@ -413,7 +413,7 @@ WEBUI_VERSION = os.environ.get("WEBUI_VERSION", "v1.0.0-alpha.100")
 
				 # WEBUI_AUTH (Required for security)
			
 
				 ####################################
			
 
				 
			
 
				-WEBUI_AUTH = True
			
 
				+WEBUI_AUTH = os.environ.get("WEBUI_AUTH", "True").lower() == "true"
			
 
				 WEBUI_AUTH_TRUSTED_EMAIL_HEADER = os.environ.get(
			
 
				     "WEBUI_AUTH_TRUSTED_EMAIL_HEADER", None
			
 
				 )
			
--- a/backend/main.py
+++ b/backend/main.py
@@ -44,6 +44,7 @@ from config import (
 
				     CONFIG_DATA,
			
 
				     WEBUI_NAME,
			
 
				     WEBUI_URL,
			
 
				+    WEBUI_AUTH,
			
 
				     ENV,
			
 
				     VERSION,
			
 
				     CHANGELOG,
			
@@ -240,6 +241,7 @@ async def get_app_config():
 
				         "status": True,
			
 
				         "name": WEBUI_NAME,
			
 
				         "version": VERSION,
			
 
				+        "auth": WEBUI_AUTH,
			
 
				         "default_locale": default_locale,
			
 
				         "images": images_app.state.ENABLED,
			
 
				         "default_models": webui_app.state.DEFAULT_MODELS,
			
--- a/backend/utils/misc.py
+++ b/backend/utils/misc.py
@@ -38,9 +38,10 @@ def calculate_sha256_string(string):
 
				 
			
 
				 
			
 
				 def validate_email_format(email: str) -> bool:
			
 
				-    if not re.match(r"[^@]+@[^@]+\.[^@]+", email):
			
 
				-        return False
			
 
				-    return True
			
 
				+    if email.endswith("@localhost"):
			
 
				+        return True
			
 
				+
			
 
				+    return bool(re.match(r"[^@]+@[^@]+\.[^@]+", email))
			
 
				 
			
 
				 
			
 
				 def sanitize_filename(file_name):
			
--- a/src/routes/auth/+page.svelte
+++ b/src/routes/auth/+page.svelte
@@ -60,7 +60,7 @@
 
				 			await goto('/');
			
 
				 		}
			
 
				 		loaded = true;
			
 
				-		if ($config?.trusted_header_auth ?? false) {
			
 
				+		if (($config?.trusted_header_auth ?? false) || $config?.auth === false) {
			
 
				 			await signInHandler();
			
 
				 		}
			
 
				 	});
			
@@ -97,7 +97,7 @@
 
				 		</div> -->
			
 
				 
			
 
				 		<div class="w-full sm:max-w-md px-10 min-h-screen flex flex-col text-center">
			
 
				-			{#if $config?.trusted_header_auth ?? false}
			
 
				+			{#if ($config?.trusted_header_auth ?? false) || $config?.auth === false}
			
 
				 				<div class=" my-auto pb-10 w-full">
			
 
				 					<div
			
 
				 						class="flex items-center justify-center gap-3 text-xl sm:text-2xl text-center font-bold dark:text-gray-200"