Gozargah / Marzban

Unified GUI Censorship Resistant Solution Powered by Xray
https://t.me/gozargah_marzban
GNU Affero General Public License v3.0
3.79k stars 518 forks source link

After adding user through API, server returns HTTP 500 #1410

Closed thehuze closed 2 weeks ago

thehuze commented 3 weeks ago

Describe the bug I use API to manage users. After executing POST /api/user, all tries to get created user / all users return to me 500 HTTP. Viewing logs, seems like i send incorrect unix timestamps for fields expire/ on_hold_timeout. (logs below)

My user has random generated username, so now i unable to delete this user (cuz i dont know his name) and i unable get all my users.

INFO:     server:port- "GET /api/users?limit=10&sort=-created_at HTTP/1.1" 500 Internal Server Error
ERROR:    Exception in ASGI application
Traceback (most recent call last):
  File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/http/httptools_impl.py", line 419, in run_asgi
    result = await app(  # type: ignore[func-returns-value]
  File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/proxy_headers.py", line 78, in __call__
    return await self.app(scope, receive, send)
  File "/usr/local/lib/python3.10/site-packages/fastapi/applications.py", line 271, in __call__
    await super().__call__(scope, receive, send)
  File "/usr/local/lib/python3.10/site-packages/starlette/applications.py", line 118, in __call__
    await self.middleware_stack(scope, receive, send)
  File "/usr/local/lib/python3.10/site-packages/starlette/middleware/errors.py", line 184, in __call__
    raise exc
  File "/usr/local/lib/python3.10/site-packages/starlette/middleware/errors.py", line 162, in __call__
    await self.app(scope, receive, _send)
  File "/usr/local/lib/python3.10/site-packages/starlette/middleware/cors.py", line 84, in __call__
    await self.app(scope, receive, send)
  File "/usr/local/lib/python3.10/site-packages/starlette/middleware/exceptions.py", line 79, in __call__
    raise exc
  File "/usr/local/lib/python3.10/site-packages/starlette/middleware/exceptions.py", line 68, in __call__
    await self.app(scope, receive, sender)
  File "/usr/local/lib/python3.10/site-packages/fastapi/middleware/asyncexitstack.py", line 21, in __call__
    raise e
  File "/usr/local/lib/python3.10/site-packages/fastapi/middleware/asyncexitstack.py", line 18, in __call__
    await self.app(scope, receive, send)
  File "/usr/local/lib/python3.10/site-packages/starlette/routing.py", line 706, in __call__
    await route.handle(scope, receive, send)
  File "/usr/local/lib/python3.10/site-packages/starlette/routing.py", line 276, in handle
    await self.app(scope, receive, send)
  File "/usr/local/lib/python3.10/site-packages/starlette/routing.py", line 66, in app
    response = await func(request)
  File "/usr/local/lib/python3.10/site-packages/fastapi/routing.py", line 255, in app
    content = await serialize_response(
  File "/usr/local/lib/python3.10/site-packages/fastapi/routing.py", line 141, in serialize_response
    raise ValidationError(errors, field.type_)
pydantic.error_wrappers.ValidationError: 2 validation errors for UsersResponse
response -> users -> 1 -> links
  year 56796 is out of range (type=value_error)
response -> users -> 2 -> links
  year 56796 is out of range (type=value_error)

To Reproduce Steps to reproduce the behavior:

  1. Add random user with expire/ on_hold_timeoutin timestamp is ms
  2. Try to get this user / all users
  3. Get 500 error
  4. See marzban logs

Expected behavior I suggest add these fixes:

  1. Validate fields on user creation endpoint and return error
  2. Add a tip to swagger docs about correct timestamps. Is it in ms or seconds? Maybe some examples right in swagger docs?

Screenshots image

Machine details (please complete the following information):

thehuze commented 3 weeks ago
$marzban-cli user list
╭─────────────────────────────── Traceback (most recent call last) ────────────────────────────────╮
│ /code/cli/user.py:41 in list_users                                                               │
│                                                                                                  │
│   38 │   │   │   │   "ID", "Username", "Status", "Used traffic",                                 │
│   39 │   │   │   │   "Data limit", "Reset strategy", "Expires at", "Owner",                      │
│   40 │   │   │   ),                                                                              │
│ ❱ 41 │   │   │   rows=[                                                                          │
│   42 │   │   │   │   (                                                                           │
│   43 │   │   │   │   │   str(user.id),                                                           │
│   44 │   │   │   │   │   user.username,                                                          │
│                                                                                                  │
│ ╭─────────────────────────────── locals ───────────────────────────────╮                         │
│ │   admins = []                                                        │                         │
│ │       db = <sqlalchemy.orm.session.Session object at 0x7172767db2e0> │                         │
│ │    limit = None                                                      │                         │
│ │   offset = None                                                      │                         │
│ │   search = None                                                      │                         │
│ │   status = None                                                      │                         │
│ │ username = []                                                        │                         │
│ │    users = [                                                         │                         │
│ │            │   <app.db.models.User object at 0x7172766d0670>,        │                         │
│ │            │   <app.db.models.User object at 0x7172766d0940>,        │                         │
│ │            │   <app.db.models.User object at 0x7172766d09d0>,        │                         │
│ │            │   <app.db.models.User object at 0x7172766d0a30>,        │                         │
│ │            │   <app.db.models.User object at 0x7172766d0a90>         │                         │
│ │            ]                                                         │                         │
│ ╰──────────────────────────────────────────────────────────────────────╯                         │
│                                                                                                  │
│ /code/cli/user.py:49 in <listcomp>                                                               │
│                                                                                                  │
│   46 │   │   │   │   │   readable_size(user.used_traffic),                                       │
│   47 │   │   │   │   │   readable_size(user.data_limit) if user.data_limit else "Unlimited",     │
│   48 │   │   │   │   │   user.data_limit_reset_strategy.value,                                   │
│ ❱ 49 │   │   │   │   │   utils.readable_datetime(user.expire, include_time=False),               │
│   50 │   │   │   │   │   user.admin.username if user.admin else ''                               │
│   51 │   │   │   │   )                                                                           │
│   52 │   │   │   │   for user in users                                                           │
│                                                                                                  │
│ ╭─────────────────────── locals ───────────────────────╮                                         │
│ │   .0 = <list_iterator object at 0x7172767db130>      │                                         │
│ │ user = <app.db.models.User object at 0x7172766d09d0> │                                         │
│ ╰──────────────────────────────────────────────────────╯                                         │
│                                                                                                  │
│ /code/cli/utils.py:85 in readable_datetime                                                       │
│                                                                                                  │
│   82 │   │   return dt_format                                                                    │
│   83 │                                                                                           │
│   84 │   if isinstance(date_time, int):                                                          │
│ ❱ 85 │   │   date_time = datetime.fromtimestamp(date_time)                                       │
│   86 │                                                                                           │
│   87 │   return date_time.strftime(get_datetime_format()) if date_time else "-"                  │
│   88                                                                                             │
│                                                                                                  │
│ ╭─────────────────────────────────────────── locals ───────────────────────────────────────────╮ │
│ │           date_time = 1730155373016                                                          │ │
│ │ get_datetime_format = <function readable_datetime.<locals>.get_datetime_format at            │ │
│ │                       0x7172766828c0>                                                        │ │
│ │        include_date = True                                                                   │ │
│ │        include_time = False                                                                  │ │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────────╯ │
╰──────────────────────────────────────────────────────────────────────────────────────────────────╯
ValueError: year 56796 is out of range
ImMohammad20000 commented 3 weeks ago

Send json

thehuze commented 3 weeks ago

Try on swagger ui create user with expire field equals 1731453748950. Its current timestamp in ms

M03ED commented 2 weeks ago

Try on swagger ui create user with expire field equals 1731453748950. Its current timestamp in ms

Should be in second not millisecond