Merge pull request open-webui#8131 from open-webui/dev

fix: api key restrictions
oznav2 · Dec 27, 2024 · 2299f48 · 2299f48
2 parents 4e4e279 + 99386bf
commit 2299f48
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/backend/open_webui/utils/auth.py b/backend/open_webui/utils/auth.py
@@ -96,10 +96,12 @@ def get_current_user(
                 status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.API_KEY_NOT_ALLOWED
             )
 
-        if request.app.state.ENABLE_API_KEY_ENDPOINT_RESTRICTIONS:
+        if request.app.state.config.ENABLE_API_KEY_ENDPOINT_RESTRICTIONS:
             allowed_paths = [
                 path.strip()
-                for path in str(request.app.state.API_KEY_ALLOWED_PATHS).split(",")
+                for path in str(request.app.state.config.API_KEY_ALLOWED_PATHS).split(
+                    ","
+                )
             ]
 
             if request.url.path not in allowed_paths: