HemmeligOrg / Hemmelig.app

Keep your sensitive information out of chat logs, emails, and more with encrypted secrets.
https://hemmelig.app
MIT License
697 stars, 61 forks

[OTHER] Problems logging in #248

Status: Closed (cocoonkid closed 9 months ago)

cocoonkid commented 9 months ago

What would you like to share?

secretstestcom-hemmelig-1 | {"level":30,"time":1705593625592,"pid":19,"hostname":"1d4e5a2acc1e","reqId":"req-22","res":{"statusCode":401},"responseTime":1.379293441772461,"msg":"request completed"}

I always get the 401 response when trying to login as admin user.

services:
    hemmelig:
        image: hemmeligapp/hemmelig:latest
        init: true 
        volumes:
            - ./uploads:/var/tmp/hemmelig/upload/files
            - ./database/:/home/node/hemmelig/database/  # sudo chown -R 1000:1000 database
        environment:
            - SECRET_LOCAL_HOSTNAME=0.0.0.0 # The local hostname for the fastify instance
            - SECRET_PORT=3000 # The port number for the fastify instance
            - SECRET_HOST=secrets.mysite.com # Used for i.e. set cors/cookies to your domain name
            - SECRET_ROOT_USER=groot # User as the root admin user
            - SECRET_ROOT_PASSWORD=iamroot # The admin user password (change this after signed in)
            - SECRET_ROOT_EMAIL=admin@mypage.com # The email for the admin user
            - SECRET_FILE_SIZE=4 # Set the total allowed upload file size in mb
            - SECRET_FORCED_LANGUAGE=en # Set the default language for the application
            - SECRET_JWT_SECRET=<secret> # Override this for the secret signin JWT tokens for log in
            - SECRET_MAX_TEXT_SIZE=256 # The max text size for the secret. Is set in kb. i.e. 256 for 256kb
            - SECRET_DISABLE_USERS=false
            - SECRET_ENABLE_FILE_UPLOAD=true 

I have a reverse proxy in front and no CORS or similar issues with other apps. The logs of that proxy usually tell me if there is an issue, but they look fine.

What could the problem be?

I can do everything as a non-logged-in user and that works fine.

Additional information

[image] That's all I can see.

cocoonkid commented 9 months ago

I tried deleting the db and just reinitializing everything. Now I get:

secretsmysitecom-hemmelig-1 | {"level":50,"time":1705595062467,"pid":19,"hostname":"e2d48b5d4986","reqId":"req-4","req":{"method":"GET","url":"/","hostname":"secrets.mysite.com","remoteAddress":"10.20.30.4","remotePort":36472},"res":{"statusCode":500},"err":{"type":"TypeError","message":"Cannot read properties of null (reading 'role')","stack":"TypeError: Cannot read properties of null (reading 'role')\n at Object.readOnlyHandler (file:///home/node/hemmelig/src/server/prehandlers/read-only.js:28:49)"},"msg":"Cannot read properties of null (reading 'role')"}

Might be related to #246.

bjarneo commented 9 months ago

Hi @cocoonkid, can you delete your cookies? Then it should work. This issue occurs when you are already signed in to the domain: the API then tries to read from the cookies, and if the user does not exist, this error will be thrown.

I have to create a fix for that.

cocoonkid commented 9 months ago

@bjarneo I tried all this. But it still does not work. I also removed all mounts and made sure to start from scratch but still no dice.

bjarneo commented 9 months ago

I am not sure how you can end up in this situation at all. Really. Did you try with the latest release?

What I am trying to say is that most likely it is not the application causing issues.

Did you try to backup the database file, then remove it from the db folder and start from scratch?

filcuk commented 7 months ago

I've had the same issue. In case you have SECRET_HOST env var prefixed with the protocol, remove it. I.e.

SECRET_HOST=your.domain.com

cocoonkid commented 7 months ago

Thanks, but this is correct in my case. I think my reverse proxy is doing something wrong. I will review this soon.
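
filcuk's SECRET_HOST check, together with the two hints in the posted compose file's own comments (change the root password, override the JWT secret), can be run as a lint before deploying. This is an added example, not code from the thread or from Hemmelig; the function names, the regex-based parsing and the sample values are assumptions.

```javascript
// Added example: lint the `environment:` list of a Hemmelig compose file.
// Rules follow this thread; function names and parsing are assumptions.

// Collect "- KEY=value # comment" list items into { KEY: "value" }.
function parseEnvEntries(composeText) {
  const env = {};
  for (const line of composeText.split("\n")) {
    const m = line.match(/^\s*-\s*([A-Z][A-Z0-9_]*)=(.*)$/);
    if (!m) continue; // volumes, mapping keys and blank lines are skipped
    env[m[1]] = m[2].replace(/\s+#.*$/, "").trim(); // drop trailing YAML comment
  }
  return env;
}

function lintHemmeligEnv(env) {
  const findings = [];
  const add = (key, message) => findings.push({ key, message });
  // filcuk's fix: SECRET_HOST must be the bare domain, e.g. your.domain.com.
  if (/^[a-z][a-z0-9+.-]*:\/\//i.test(env.SECRET_HOST || "")) {
    add("SECRET_HOST", "remove the protocol prefix and keep only the domain");
  }
  // The posted config says to change this password after signing in.
  if (env.SECRET_ROOT_PASSWORD === "iamroot") {
    add("SECRET_ROOT_PASSWORD", "still the sample password from the posted config");
  }
  // The posted config says to override the JWT signing secret.
  const jwt = env.SECRET_JWT_SECRET || "";
  if (jwt === "" || /^<.*>$/.test(jwt)) {
    add("SECRET_JWT_SECRET", "unset or still a placeholder");
  }
  return findings;
}

// Constructed sample input, not the reporter's real configuration.
const SAMPLE_COMPOSE = `
services:
    hemmelig:
        volumes:
            - ./database/:/home/node/hemmelig/database/
        environment:
            - SECRET_HOST=https://secrets.example.com # protocol prefix
            - SECRET_ROOT_PASSWORD=iamroot # sample password
            - SECRET_JWT_SECRET=<secret> # placeholder
`;

for (const f of lintHemmeligEnv(parseEnvEntries(SAMPLE_COMPOSE))) {
  console.log(`${f.key}: ${f.message}`);
}
```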