search

lobehub / lobe-chat

🤯 Lobe Chat - an open-source, modern-design AI chat framework. Supports Multi AI Providers( OpenAI / Claude 3 / Gemini / Ollama / Azure / DeepSeek), Knowledge Base (file upload / knowledge management / RAG ), Multi-Modals (Vision/TTS) and plugin system. One-click FREE deployment of your private ChatGPT/ Claude application.
https://chat-preview.lobehub.com
Other
42.12k stars 9.5k forks source link

[Bug] Auth module and configurations should not be part of lobe-chat-database. #3987

Closed jwu-sym closed 2 weeks ago

jwu-sym commented 2 weeks ago

📦 部署环境

Docker

📌 软件版本

*

💻 系统环境

Ubuntu

🌐 浏览器

Chrome

🐛 问题描述

Forcing auth for database version of lobe-chat seemed an architectural flaw. Open-WebUI project never imposed auth requirement. Opensource project usualy is a tool, not a massive social application. When database and RAG needed for lobe-chat for the version, please do not enforce auth, it's an overkill.

📷 复现步骤

No response

🚦 期望结果

No response

📝 补充信息

No response

lobehubbot commented 2 weeks ago

👀 @jwu-sym

Thank you for raising an issue. We will investigate into the matter and get back to you as soon as possible. Please make sure you have given us as much context as possible.\ 非常感谢您提交 issue。我们会尽快调查此事,并尽快回复您。 请确保您已经提供了尽可能多的背景信息。

dosubot[bot] commented 2 weeks ago

@jwu-sym 你好! 我是Dosu,一个能帮你解决 bug、回答问题,并成为贡献者的机器人。在等待人类维护者回复的时候,我会尽力帮助你。期待与你一起解决问题!🤖

The auth module and configurations are enforced for the lobe-chat-database in the latest version because the LobeChat database version requires an SSO authentication service supported by LobeChat to function correctly. This is necessary to ensure secure access and proper user management. This requirement cannot be removed as it is integral to the functioning of the LobeChat database version [1][2][3].

However, for development or testing purposes, you can disable the authentication requirement by setting the enabledAccessCode flag to false in your server configuration [4].

For local or private use, you can set up the LobeChat database version without authentication by using the provided docker-compose.yml and .env files. This setup is suitable for quick demonstration or personal local use but should not be used in a production environment. Detailed instructions can be found in the Deploying LobeChat Database with Docker documentation [1][5].

To continue talking to Dosu, mention @dosu.

arvinxx commented 2 weeks ago

database version need auth to know who you are, or the data can't be saved in the db. Open WebUI have implemented a basic login/auth feature but we don't. They also have auth and enforce it, it's not a good example.

I think each open source project should find it's way in the whole ecosystem. LobeChat is a chat framework for modern chat experience, mutli-modal, plugin system and knowledge base. I don't think the auth should be the core part of LobeChat so we won't take time to do the basic function like encrpt user password or send email verifaciation, and just throw this work to the SSO providers (like Auth0 , Clerk , Casdoor), who can be more professional.

Opensource project usualy is a tool, not a massive social application.

We don't position LobeChat just a tool, we prefer to make it an open-source AI application. So we will keep to involve it with more and more features and more flexible intergation.

lobehubbot commented 2 weeks ago

✅ @jwu-sym

This issue is closed, If you have any questions, you can comment and reply.\ 此问题已经关闭。如果您有任何问题,可以留言并回复。

lobehubbot commented 2 weeks ago

✅ @jwu-sym

This issue is closed, If you have any questions, you can comment and reply.\ 此问题已经关闭。如果您有任何问题,可以留言并回复。