From 468f42aef8e670f3ceaa68c25905187ab2b00ead Mon Sep 17 00:00:00 2001
From: yongtenglei <yongtengrey@outlook.com>
Date: Fri, 21 Nov 2025 19:31:01 +0800
Subject: [PATCH] Feat: add auth header for Ollama chat model

---
 rag/llm/chat_model.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/rag/llm/chat_model.py b/rag/llm/chat_model.py
index 856d23b01..cce5b2454 100644
--- a/rag/llm/chat_model.py
+++ b/rag/llm/chat_model.py
@@ -1635,6 +1635,15 @@ class LiteLLMBase(ABC):
                 provider_cfg["allow_fallbacks"] = False
                 extra_body["provider"] = provider_cfg
                 completion_args.update({"extra_body": extra_body})
+
+        # Ollama deployments commonly sit behind a reverse proxy that enforces
+        # Bearer auth. Ensure the Authorization header is set when an API key
+        # is provided, while respecting any user-supplied headers. #11350
+        extra_headers = deepcopy(completion_args.get("extra_headers") or {})
+        if self.provider == SupportedLiteLLMProvider.Ollama and self.api_key and "Authorization" not in extra_headers:
+            extra_headers["Authorization"] = f"Bearer {self.api_key}"
+        if extra_headers:
+            completion_args["extra_headers"] = extra_headers
         return completion_args
 
     def chat_with_tools(self, system: str, history: list, gen_conf: dict = {}):