Error: Failed to find refresh token when inviting new members

Infisical / infisical

♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI

https://infisical.com

Other

12.93k stars 667 forks source link

Error: Failed to find refresh token when inviting new members #1640

Open engrrio07 opened 3 months ago

engrrio07 commented 3 months ago

Describe the bug

When new members receive an invite they get redirected to log-in page immediately instead of sign-up page and encounters 400 Bad Request on /api/v1/auth/token route.

To Reproduce

Steps to reproduce the behavior:

Invite new member
New member receives email and click's on Join now
New member redirects to log-in page instead of sign-up page
token on network requests fails with 400 Bad Request status on /api/v1/auth/token

Expected behavior

New user should be able to sign-up

Screenshots

Platform you are having the issue on:

Self-hosted infisical running on Kubernetes deployed via infisical-standalone/1.0.6 helm chart

Additional context

The self-hosted infisical was recently migrated to Postgres from Mongodb.
Findings, req.cookies.jid is missing (reference).

jugrajsingh commented 2 months ago

My Deployment had the same issue. I disabled signups.

The Objective is to disable signups so no unwanted user can signup to the instance while allowing invited users to login.

dmweapon commented 2 months ago

I have same issue... and my backend log from command "docker logs infisical-backend" below

{"level":50,"time":1712641055737,"pid":1,"hostname":"46f996033a09","reqId":"req-2ph","severity":"ERROR","err":{"type":"UnauthorizedError","message":"Token missing","stack":"Unauthorized access: Token missing\n at Object. (file:///backend/dist/server/plugins/auth/verify-auth.mjs:13:11)\n at hookIterator (/backend/node_modules/fastify/lib/hooks.js:405:10)\n at next (/backend/node_modules/fastify/lib/hooks.js:239:18)\n at handleResolve (/backend/node_modules/fastify/lib/hooks.js:250:7)\n at process.processTicksAndRejections (node:internal/process/task_queues:95:5)","name":"Unauthorized access"},"msg":"Token missing"} {"level":30,"time":1712641055737,"pid":1,"hostname":"46f996033a09","reqId":"req-2ph","severity":"INFO","res":{"statusCode":403},"responseTime":0.8920488357543945,"msg":"request completed"}

is it about Object.handler...? it contains strange path...? I think path of "verify-auth.mjs" is wrong...

(using version3 of "docker-compose.prod.yml" file)

maidul98 commented 2 months ago

@akhilmhdh can you please take a look at this when you have time?

pat-s commented 2 months ago

For a while I thought this might be a local issue of mine but I am unable to login anymore after my docker-compose based installation has upgraded itself lately to the latest docker tag. I can't fully traceback which updated introduced it but right now I can't login with any account anymore and resetting the PW also does not work :/