From f6baa1bb7771133a88a34c483ce18f3d28196f10 Mon Sep 17 00:00:00 2001 From: Timothy Jaeryang Baek Date: Mon, 29 Jun 2026 14:34:22 -0500 Subject: [PATCH 1/2] refac --- src/routes/+layout.svelte | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte index 8e368d1767..57d0a692e2 100644 --- a/src/routes/+layout.svelte +++ b/src/routes/+layout.svelte @@ -810,6 +810,20 @@ }); }; + const isAuthFailureResponse = async (response) => { + try { + const data = await response.clone().json(); + const detail = data?.detail; + return ( + detail === '401 Unauthorized' || + detail === 'Not authenticated' || + detail === 'Your session has expired or the token is invalid. Please sign in again.' + ); + } catch { + return true; + } + }; + const checkTokenExpiry = async () => { const exp = $user?.expires_at; // token expiry time in unix timestamp const now = Math.floor(Date.now() / 1000); // current time in unix timestamp @@ -939,7 +953,8 @@ if ( response.status === 401 && localStorage.token && - isAuthenticatedBackendFetch(input, init) + isAuthenticatedBackendFetch(input, init) && + (await isAuthFailureResponse(response)) ) { redirectToAuthAfterUnauthorized(); } From 86231e44386815c8616867566e7f179f3d83c14e Mon Sep 17 00:00:00 2001 From: Timothy Jaeryang Baek Date: Mon, 29 Jun 2026 14:35:39 -0500 Subject: [PATCH 2/2] refac --- CHANGELOG.md | 6 ++++++ package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 550df4a110..1685ad71dc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [0.10.1] - 2026-06-29 + +### Fixed + +- 🤝 **Shared folder read-only chats no longer sign users out.** Opening or reading chats from shared folders now keeps the current session active when a resource-level access error is returned, instead of incorrectly showing "Session expired. Please sign in again." + ## [0.10.0] - 2026-06-29 ### Added diff --git a/package-lock.json b/package-lock.json index 362335b4b1..9772ea8372 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "open-webui", - "version": "0.10.0", + "version": "0.10.1", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "open-webui", - "version": "0.10.0", + "version": "0.10.1", "dependencies": { "@azure/msal-browser": "^4.5.0", "@codemirror/lang-javascript": "^6.2.2", diff --git a/package.json b/package.json index 84603e61f2..8566845b68 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "open-webui", - "version": "0.10.0", + "version": "0.10.1", "private": true, "scripts": { "dev": "npm run pyodide:fetch && vite dev --host",