open-webui/backend/utils/utils.py

from fastapi.security import HTTPBasicCredentials, HTTPBearer
from pydantic import BaseModel
from typing import Union, Optional

from passlib.context import CryptContext
from datetime import datetime, timedelta
import requests
import jwt

import config

JWT_SECRET_KEY = config.WEBUI_JWT_SECRET_KEY
ALGORITHM = "HS256"

##############
# Auth Utils
##############

bearer_scheme = HTTPBearer()
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")


def verify_password(plain_password, hashed_password):
    return (
        pwd_context.verify(plain_password, hashed_password) if hashed_password else None
    )


def get_password_hash(password):
    return pwd_context.hash(password)


def create_token(data: dict, expires_delta: Union[timedelta, None] = None) -> str:
    payload = data.copy()

    if expires_delta:
        expire = datetime.utcnow() + expires_delta
        payload.update({"exp": expire})

    encoded_jwt = jwt.encode(payload, JWT_SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt


def decode_token(token: str) -> Optional[dict]:
    try:
        decoded = jwt.decode(token, JWT_SECRET_KEY, options={"verify_signature": False})
        return decoded
    except Exception as e:
        return None


def extract_token_from_auth_header(auth_header: str):
    return auth_header[len("Bearer ") :]


def verify_token(request):
    try:
        authorization = request.headers["authorization"]
        if authorization:
            _, token = authorization.split()
            decoded_token = jwt.decode(
                token, JWT_SECRET_KEY, options={"verify_signature": False}
            )
            return decoded_token
        else:
            return None
    except Exception as e:
        return None
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`from fastapi.security import HTTPBasicCredentials, HTTPBearer`
			`from pydantic import BaseModel`
			`from typing import Union, Optional`

			`from passlib.context import CryptContext`
			`from datetime import datetime, timedelta`
			`import requests`
			`import jwt`

			`import config`

feat: set first user to admin by default 2023-11-19 09:41:29 +01:00			`JWT_SECRET_KEY = config.WEBUI_JWT_SECRET_KEY`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`ALGORITHM = "HS256"`

			`##############`
			`# Auth Utils`
			`##############`

			`bearer_scheme = HTTPBearer()`
			`pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")`


			`def verify_password(plain_password, hashed_password):`
			`return (`
			`pwd_context.verify(plain_password, hashed_password) if hashed_password else None`
			`)`


			`def get_password_hash(password):`
			`return pwd_context.hash(password)`


			`def create_token(data: dict, expires_delta: Union[timedelta, None] = None) -> str:`
			`payload = data.copy()`

			`if expires_delta:`
			`expire = datetime.utcnow() + expires_delta`
			`payload.update({"exp": expire})`

			`encoded_jwt = jwt.encode(payload, JWT_SECRET_KEY, algorithm=ALGORITHM)`
			`return encoded_jwt`


			`def decode_token(token: str) -> Optional[dict]:`
			`try:`
			`decoded = jwt.decode(token, JWT_SECRET_KEY, options={"verify_signature": False})`
			`return decoded`
			`except Exception as e:`
			`return None`


			`def extract_token_from_auth_header(auth_header: str):`
			`return auth_header[len("Bearer ") :]`


			`def verify_token(request):`
			`try:`
feat(auth): add auth middleware - refactored chat routes to use request.user instead of doing authentication in every route 2023-12-28 21:15:54 +01:00			`authorization = request.headers["authorization"]`
			`if authorization:`
			`_, token = authorization.split()`
			`decoded_token = jwt.decode(`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`token, JWT_SECRET_KEY, options={"verify_signature": False}`
			`)`
feat(auth): add auth middleware - refactored chat routes to use request.user instead of doing authentication in every route 2023-12-28 21:15:54 +01:00			`return decoded_token`
feat: multi-user support w/ RBAC 2023-11-19 01:47:12 +01:00			`else:`
			`return None`
			`except Exception as e:`
			`return None`