search

LinkStackOrg / linkstack-docker

A simple to set up docker variant of LinkStack. LinkStack is a highly customizable link sharing platform with an intuitive, easy to use user interface.
https://linkstack.org/docker
GNU Affero General Public License v3.0
335 stars 41 forks source link

Resend Verification email loop #103

Closed 0x3639 closed 8 months ago

0x3639 commented 10 months ago

I inserted new smtp credentials and tried to impersonate a user who was not receiving the email verification.

I was presented with this message when I tried to impersonate the user. I could not login as that user and when I clicked logout

Screenshot 2023-11-18 at 3 58 10 PM

I was presented with this page. Not sure why this is showing as insecure. I'm using caddy and https was working correctly before I tried to impersonate someone with an account that was not email verified.

Screenshot 2023-11-18 at 3 58 16 PM

I then try to manually insert https:// before the URL https://my.znn.link/logout and get this error

https://flareapp.io/share/V7jW4qo5

Is there a way to log back in as admin given the state I'm in?

lastsamurai26 commented 10 months ago

Do you using 443 between docker and caddy ?

0x3639 commented 10 months ago

Here is my docker compose file. When using caddy and I reverse_proxy to http://localIP:8188 the site loads. When I change the reverse_proxy to https://localIP:8190 I get a 502 error. 

version: "3.8"

services:

  linkstack:
    hostname: 'linkstack'
    image: 'linkstackorg/linkstack:latest'
    environment:
      TZ: 'America/Chicago'
      SERVER_ADMIN: 'remove@email.com'
      HTTP_SERVER_NAME: 'my.znn.link'
      HTTPS_SERVER_NAME: 'my.znn.link'
      LOG_LEVEL: 'info'
      PHP_MEMORY_LIMIT: '256M'
      UPLOAD_MAX_FILESIZE: '8M'
    volumes:
      - 'linkstack_data:/htdocs'
    ports:
      - '8188:80'
      - '8190:443'
    restart: unless-stopped

volumes:
  linkstack_data:
0x3639 commented 10 months ago

I'm using Caddy on a different server. I don't think that should cause an issue.

0x3639 commented 9 months ago

I solved the problem with this Caddyfile change below. Need to accept self signed certificates. This fixed the Submit Secure error. However, i'm still stuck impersonating another user. When I login as admin, I'm asked to authenticate my account (as the impersonated user) and when I select logout it logs me out as admin, not the person I'm trying to impersonate.

I log back in as admin and I'm still impersonating the user who is trying to authenticate their email.

How can I manually get out of impersonating another user? 

yourdomain.com {
    reverse_proxy https://localhost:port {
        transport http {
            tls_insecure_skip_verify
        }
    }
}
lastsamurai26 commented 9 months ago

image use the "X" on the right top corner (:

0x3639 commented 9 months ago

Unfortunately I cannot login to see that page. I'm "stuck" impersonating someone who needs to verify their email address and cannot return to my admin profile. I can only see the Verify Email page or log out. I log out, then log back in and am presented with the verify email page of the person I'm impersonating.

I had to remove the volume and start over. But this could be a bug you should look into.

lastsamurai26 commented 9 months ago

can you show me your /httpdocs/.env file ?

and check the sqlite file in the table users you can find a colum named "auth_as" check this or set it to 0