refac

backend/open_webui/routers/auths.py

@@ -677,6 +677,7 @@ async def signup(request: Request, response: Response, form_data: SignupForm):
 async def signout(request: Request, response: Response):
     response.delete_cookie("token")
     response.delete_cookie("oui-session")
+    response.delete_cookie("oauth_id_token")
 
     oauth_session_id = request.cookies.get("oauth_session_id")
     if oauth_session_id:

backend/open_webui/utils/auth.py

@@ -313,6 +313,10 @@ def get_current_user(
         # Delete the token cookie
         if request.cookies.get("token"):
             response.delete_cookie("token")
+
+        if request.cookies.get("oauth_id_token"):
+            response.delete_cookie("oauth_id_token")
+
         # Delete OAuth session if present
         if request.cookies.get("oauth_session_id"):
             response.delete_cookie("oauth_session_id")

backend/open_webui/utils/oauth.py

@@ -824,7 +824,7 @@ class OAuthManager:
             if "expires_in" in token and "expires_at" not in token:
                 token["expires_at"] = datetime.now().timestamp() + token["expires_in"]
 
-            session_id = await OAuthSessions.create_session(
+            session = OAuthSessions.create_session(
                 user_id=user.id,
                 provider=provider,
                 token=token,
@@ -832,7 +832,7 @@ class OAuthManager:
 
             response.set_cookie(
                 key="oauth_session_id",
-                value=session_id,
+                value=session.id,
                 httponly=True,
                 samesite=WEBUI_AUTH_COOKIE_SAME_SITE,
                 secure=WEBUI_AUTH_COOKIE_SECURE,