open-webui/backend/apps/web/models/auths.py

from pydantic import BaseModel
from typing import List, Union, Optional
import time
import uuid
import logging
from peewee import *

from apps.web.models.users import UserModel, Users
from utils.utils import verify_password

from apps.web.internal.db import DB

from config import SRC_LOG_LEVELS

log = logging.getLogger(__name__)
log.setLevel(SRC_LOG_LEVELS["MODELS"])

####################
# DB MODEL
####################


class Auth(Model):
    id = CharField(unique=True)
    email = CharField()
    password = CharField()
    active = BooleanField()
    api_key = CharField(null=True, unique=True)

    class Meta:
        database = DB


class AuthModel(BaseModel):
    id: str
    email: str
    password: str
    active: bool = True
    api_key: Optional[str] = None


####################
# Forms
####################


class Token(BaseModel):
    token: str
    token_type: str


class ApiKey(BaseModel):
    api_key: Optional[str] = None


class UserResponse(BaseModel):
    id: str
    email: str
    name: str
    role: str
    profile_image_url: str


class SigninResponse(Token, UserResponse):
    pass


class SigninForm(BaseModel):
    email: str
    password: str


class ProfileImageUrlForm(BaseModel):
    profile_image_url: str


class UpdateProfileForm(BaseModel):
    profile_image_url: str
    name: str


class UpdatePasswordForm(BaseModel):
    password: str
    new_password: str


class SignupForm(BaseModel):
    name: str
    email: str
    password: str


class AuthsTable:
    def __init__(self, db):
        self.db = db
        self.db.create_tables([Auth])

    def insert_new_auth(
        self, email: str, password: str, name: str, role: str = "pending"
    ) -> Optional[UserModel]:
        log.info("insert_new_auth")

        id = str(uuid.uuid4())

        auth = AuthModel(
            **{"id": id, "email": email, "password": password, "active": True}
        )
        result = Auth.create(**auth.model_dump())

        user = Users.insert_new_user(id, name, email, role)

        if result and user:
            return user
        else:
            return None

    def authenticate_user(self, email: str, password: str) -> Optional[UserModel]:
        log.info(f"authenticate_user: {email}")
        try:
            auth = Auth.get(Auth.email == email, Auth.active == True)
            if auth:
                if verify_password(password, auth.password):
                    user = Users.get_user_by_id(auth.id)
                    return user
                else:
                    return None
            else:
                return None
        except:
            return None

    def authenticate_user_by_api_key(self, api_key: str) -> Optional[UserModel]:
        log.info(f"authenticate_user_by_api_key: {api_key}")
        # if no api_key, return None
        if not api_key:
            return None

        try:
            auth = Auth.get(Auth.api_key == api_key, Auth.active == True)
            if auth:
                user = Users.get_user_by_id(auth.id)
                return user
            else:
                return None

        except:
            return False

    def authenticate_user_by_trusted_header(self, email: str) -> Optional[UserModel]:
        log.info(f"authenticate_user_by_trusted_header: {email}")
        try:
            auth = Auth.get(Auth.email == email, Auth.active == True)
            if auth:
                user = Users.get_user_by_id(auth.id)
                return user
        except:
            return None

    def update_user_password_by_id(self, id: str, new_password: str) -> bool:
        try:
            query = Auth.update(password=new_password).where(Auth.id == id)
            result = query.execute()

            return True if result == 1 else False
        except:
            return False

    def update_email_by_id(self, id: str, email: str) -> bool:
        try:
            query = Auth.update(email=email).where(Auth.id == id)
            result = query.execute()

            return True if result == 1 else False
        except:
            return False

    def update_api_key_by_id(self, id: str, api_key: str) -> str:
        try:
            query = Auth.update(api_key=api_key).where(Auth.id == id)
            result = query.execute()

            return True if result == 1 else False
        except:
            return False

    def get_api_key_by_id(self, id: str) -> Optional[str]:
        try:
            auth = Auth.get(Auth.id == id)
            return auth.api_key
        except:
            return None

    def delete_auth_by_id(self, id: str) -> bool:
        try:
            # Delete User
            result = Users.delete_user_by_id(id)

            if result:
                # Delete Auth
                query = Auth.delete().where(Auth.id == id)
                query.execute()  # Remove the rows, return number of rows removed.

                return True
            else:
                return False
        except:
            return False


Auths = AuthsTable(DB)
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`from pydantic import BaseModel`
			`from typing import List, Union, Optional`
			`import time`
			`import uuid`
Migrate to python logging module with env var control. 2024-03-21 00:11:36 +01:00			`import logging`
feat: db migration to sqlite 2023-12-26 06:44:28 +01:00			`from peewee import *`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00
			`from apps.web.models.users import UserModel, Users`
Remove some extraneous imports 2024-02-01 21:53:13 +01:00			`from utils.utils import verify_password`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00
feat: db migration to sqlite 2023-12-26 06:44:28 +01:00			`from apps.web.internal.db import DB`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00
Migrate to python logging module with env var control. 2024-03-21 00:11:36 +01:00			`from config import SRC_LOG_LEVELS`
chore: py formatting 2024-03-31 10:13:39 +02:00
Migrate to python logging module with env var control. 2024-03-21 00:11:36 +01:00			`log = logging.getLogger(__name__)`
			`log.setLevel(SRC_LOG_LEVELS["MODELS"])`

feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`####################`
			`# DB MODEL`
			`####################`


feat: db migration to sqlite 2023-12-26 06:44:28 +01:00			`class Auth(Model):`
			`id = CharField(unique=True)`
			`email = CharField()`
			`password = CharField()`
			`active = BooleanField()`
backend support api key 2024-03-26 11:22:17 +01:00			`api_key = CharField(null=True, unique=True)`
feat: db migration to sqlite 2023-12-26 06:44:28 +01:00
			`class Meta:`
			`database = DB`


feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`class AuthModel(BaseModel):`
			`id: str`
			`email: str`
			`password: str`
			`active: bool = True`
backend support api key 2024-03-26 11:22:17 +01:00			`api_key: Optional[str] = None`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00

			`####################`
			`# Forms`
			`####################`


			`class Token(BaseModel):`
			`token: str`
			`token_type: str`

fix 2024-04-02 18:18:15 +02:00
backend support api key 2024-03-26 11:22:17 +01:00			`class ApiKey(BaseModel):`
			`api_key: Optional[str] = None`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00
fix 2024-04-02 18:18:15 +02:00
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`class UserResponse(BaseModel):`
			`id: str`
			`email: str`
			`name: str`
			`role: str`
feat: basic RBAC support 2023-11-19 06:41:43 +01:00			`profile_image_url: str`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00

			`class SigninResponse(Token, UserResponse):`
			`pass`


			`class SigninForm(BaseModel):`
			`email: str`
			`password: str`


feat: profile image update backend 2024-01-27 05:27:45 +01:00			`class ProfileImageUrlForm(BaseModel):`
			`profile_image_url: str`


feat: profile update frontend integration 2024-01-27 06:22:25 +01:00			`class UpdateProfileForm(BaseModel):`
			`profile_image_url: str`
			`name: str`


feat: change password support 2023-12-29 09:12:30 +01:00			`class UpdatePasswordForm(BaseModel):`
			`password: str`
			`new_password: str`


feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`class SignupForm(BaseModel):`
			`name: str`
			`email: str`
			`password: str`


			`class AuthsTable:`
			`def __init__(self, db):`
			`self.db = db`
feat: db migration to sqlite 2023-12-26 06:44:28 +01:00			`self.db.create_tables([Auth])`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00
feat: edit user support 2024-01-06 05:59:56 +01:00			`def insert_new_auth(`
			`self, email: str, password: str, name: str, role: str = "pending"`
			`) -> Optional[UserModel]:`
Migrate to python logging module with env var control. 2024-03-21 00:11:36 +01:00			`log.info("insert_new_auth")`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00
			`id = str(uuid.uuid4())`

feat: edit user support 2024-01-06 05:59:56 +01:00			`auth = AuthModel(`
			`**{"id": id, "email": email, "password": password, "active": True}`
			`)`
feat: db migration to sqlite 2023-12-26 06:44:28 +01:00			`result = Auth.create(**auth.model_dump())`

feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`user = Users.insert_new_user(id, name, email, role)`

			`if result and user:`
			`return user`
			`else:`
			`return None`

feat: edit user support 2024-01-06 05:59:56 +01:00			`def authenticate_user(self, email: str, password: str) -> Optional[UserModel]:`
Migrate to python logging module with env var control. 2024-03-21 00:11:36 +01:00			`log.info(f"authenticate_user: {email}")`
fix: chat model schema 2023-12-26 08:43:21 +01:00			`try:`
			`auth = Auth.get(Auth.email == email, Auth.active == True)`
			`if auth:`
			`if verify_password(password, auth.password):`
			`user = Users.get_user_by_id(auth.id)`
			`return user`
			`else:`
			`return None`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`else:`
			`return None`
fix: chat model schema 2023-12-26 08:43:21 +01:00			`except:`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`return None`

backend support api key 2024-03-26 11:22:17 +01:00			`def authenticate_user_by_api_key(self, api_key: str) -> Optional[UserModel]:`
			`log.info(f"authenticate_user_by_api_key: {api_key}")`
			`# if no api_key, return None`
			`if not api_key:`
			`return None`
fix 2024-04-02 18:18:15 +02:00
backend support api key 2024-03-26 11:22:17 +01:00			`try:`
			`auth = Auth.get(Auth.api_key == api_key, Auth.active == True)`
			`if auth:`
			`user = Users.get_user_by_id(auth.id)`
			`return user`
			`else:`
			`return None`
Merge branch 'dev' into feature/support_auth_by_api_key 2024-04-02 18:12:19 +02:00
fix 2024-04-02 18:18:15 +02:00			`except:`
			`return False`

chore: python formatting 2024-03-31 23:07:43 +02:00			`def authenticate_user_by_trusted_header(self, email: str) -> Optional[UserModel]:`
feat: add WEBUI_AUTH_TRUSTED_EMAIL_HEADER for authenticating users by a trusted header This is very yolo code, use at your own risk 2024-03-26 22:30:53 +01:00			`log.info(f"authenticate_user_by_trusted_header: {email}")`
			`try:`
			`auth = Auth.get(Auth.email == email, Auth.active == True)`
			`if auth:`
			`user = Users.get_user_by_id(auth.id)`
			`return user`
backend support api key 2024-03-26 11:22:17 +01:00			`except:`
			`return None`

chore: update password refac 2023-12-29 09:29:18 +01:00			`def update_user_password_by_id(self, id: str, new_password: str) -> bool:`
feat: change password support 2023-12-29 09:12:30 +01:00			`try:`
chore: update password refac 2023-12-29 09:29:18 +01:00			`query = Auth.update(password=new_password).where(Auth.id == id)`
			`result = query.execute()`
fix: update password 2023-12-29 09:31:23 +01:00
			`return True if result == 1 else False`
feat: change password support 2023-12-29 09:12:30 +01:00			`except:`
			`return False`

feat: edit user support 2024-01-06 05:59:56 +01:00			`def update_email_by_id(self, id: str, email: str) -> bool:`
			`try:`
			`query = Auth.update(email=email).where(Auth.id == id)`
			`result = query.execute()`

			`return True if result == 1 else False`
			`except:`
			`return False`

backend support api key 2024-03-26 11:22:17 +01:00			`def update_api_key_by_id(self, id: str, api_key: str) -> str:`
			`try:`
			`query = Auth.update(api_key=api_key).where(Auth.id == id)`
			`result = query.execute()`

			`return True if result == 1 else False`
			`except:`
			`return False`

			`def get_api_key_by_id(self, id: str) -> Optional[str]:`
			`try:`
			`auth = Auth.get(Auth.id == id)`
			`return auth.api_key`
			`except:`
			`return None`

feat: change password support 2023-12-29 09:12:30 +01:00			`def delete_auth_by_id(self, id: str) -> bool:`
fix: delete auth with user 2023-12-29 08:24:51 +01:00			`try:`
			`# Delete User`
			`result = Users.delete_user_by_id(id)`

			`if result:`
			`# Delete Auth`
			`query = Auth.delete().where(Auth.id == id)`
feat: edit user support 2024-01-06 05:59:56 +01:00			`query.execute() # Remove the rows, return number of rows removed.`
fix: delete auth with user 2023-12-29 08:24:51 +01:00
			`return True`
			`else:`
			`return False`
			`except:`
			`return False`

feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00
			`Auths = AuthsTable(DB)`