Can't login into account if port sat at 80

FinecoFinit commented 1 month ago

Describe the bug Basically can't enter account if port sat as 80

To Reproduce Steps to reproduce the behavior:

install package on debian 12
set port 80 in conf
set domain localhost

Expected behavior Enter account

Version information

Defguard Core version: v0.11.0
Firefox 128

Additional context I can access it on 8080 with ssh tunneling

teon commented 1 month ago

Guys, please reproduce and propose a fix or comment.

FinecoFinit commented 1 month ago

Setup with reverse proxy nginx in browser:

Uncaught (in promise) 
Object { stack: "se@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:58:13951\nXM@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:60:1045\nd@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:60:4239\nEventHandlerNonNull*o4</<@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:60:4311\no4<@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:60:3216\nC1@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:62:512\n_request@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:63:1208\nrequest@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:62:3032\nQf.prototype[e]@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:63:1512\ncb/<@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:58:8685\nGT@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:63:9902\nL$/</S<@http://wireguard-172-28-148-2.team/assets/App-uAha_GHm.js:44:174938\nt.prototype.next@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:58:3349\ne.prototype._next@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:58:2951\ne.prototype.next@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:58:2600\ne.prototype.next/<@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:58:6268\nKc@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:58:2349\ne.prototype.next@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:58:6063\nonSuccess@http://wireguard-172-28-148-2.team/assets/App-uAha_GHm.js:44:162652\nexecute@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:17:16534\nasync*mutate@http://wireguard-172-28-148-2.team/assets/App-uAha_GHm.js:1:1945\n$e/s<@http://wireguard-172-28-148-2.team/assets/App-uAha_GHm.js:1:3244\nc@http://wireguard-172-28-148-2.team/assets/App-uAha_GHm.js:44:162826\nc9/z/<@http://wireguard-172-28-148-2.team/assets/App-uAha_GHm.js:44:66606\nasync*hO@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:9855\npO@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:10009\nmO@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:10066\ndw@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:31446\nnS@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:31865\nEd/<@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:36778\npy@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:40:36896\nCE@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:8991\nEd@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:33152\nHg@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:17362\nNO@http://wireguard-172-28-148-2.team/assets/index-M_ea3B3h.js:37:17144\n", message: "Request failed with status code 401", name: "AxiosError", code: "ERR_BAD_REQUEST", config: {…}, request: XMLHttpRequest, response: {…} }
App-uAha_GHm.js:44:174938

nginx config:

server {
    listen 80;
    listen [::]:80;

    server_name wireguard-172-28-148-2.team;

    location / {
        proxy_pass "http://wireguard-172-28-148-2.team:8080";
        proxy_set_header    Origin        $host:$server_port;
        proxy_set_header    Referer       $host:$server_port;
#        include proxy_params;
    }
}

wireguard-172-28-148-2.team in hosts referring to network device given ip address

defguard log:

Jul 18 10:54:57 wireguard-172-28-148-2 defguard[3218666]: 2024-07-18T05:54:57.334229Z  INFO http_request{method=POST path=/api/v1/auth}: defguard::handlers::auth: Authenticated user admin
Jul 18 10:54:57 wireguard-172-28-148-2 defguard[3218666]: 2024-07-18T05:54:57.375872Z  INFO http_request{method=POST path=/api/v1/auth}: defguard::handlers::mail: Sent new device login notification to ello@loop.c
Jul 18 10:54:57 wireguard-172-28-148-2 defguard[3218666]: 2024-07-18T05:54:57.375975Z  INFO http_request{method=POST path=/api/v1/auth}: tower_http::trace::on_response: finished processing request latency=186 ms status=200
Jul 18 10:54:57 wireguard-172-28-148-2 defguard[3218666]: 2024-07-18T05:54:57.407088Z ERROR http_request{method=GET path=/api/v1/info}: defguard::handlers: msg="Session is required"
Jul 18 10:54:57 wireguard-172-28-148-2 defguard[3218666]: 2024-07-18T05:54:57.407133Z  INFO http_request{method=GET path=/api/v1/info}: tower_http::trace::on_response: finished processing request latency=0 ms status=401

FinecoFinit commented 1 month ago

Turned out my browser was declining cookies

DefGuard / defguard

Can't login into account if port sat at 80 #677