Local development: cannot get past initial login screen

[dangzan]

We are happy to answer your questions about the code or discuss technical ideas.

Please complete the following checklist (by adding [x]):

• [x] I have searched open and closed issues for duplicates
• [x] This isn't a feature request
• [x] This is not a report about my app not working as expected

---

I am following the "Getting Started" instructions in the root README. After running yarn workspace proton-mail start and navigating to localhost:8080 in my browser, I am met with a prompt for username and password. When I enter one, a Human Verification modal opens that again prompts me for a username and password. When I attempt to submit one, nothing happens. There are no other inputs, links, or options on either of the aforementioned pages/components. I have found other issues here about dealing with captchas, but none about local dev app being inaccessible due to login prompt.

• Is there a particular username and password I am supposed to supply?
• Are there any other instructions for running the app locally that are not referenced in the project root's README?
• Am I supposed to be seeing username and password prompts on the Human Verification screen?

I am using node v18.17.1 and yarn v3.6.2. Thank you for any help you can provide.

[jonhermansen]

Hey @dangzan, not sure if this is helpful for you anymore, but I'm able to test changes locally with the following workaround:

yarn workspace proton-account start
# Browse to http://127.0.0.1:8080 in Firefox and log in, wait until you reach Dashboard screen
# Press Ctrl+C in terminal to kill old webpack process, we'll start a new one now
yarn workspace proton-mail start

After the webpack compilation step, your open browser tab should automatically refresh and should redirect you to your e-mail inbox. At least I've tested this with username/password login, not sure if it will work with 2FA, results may vary.

[razzius]

@jonhermansen on the current latest main branch, even when I use your workaround, I'm still blocked by the captcha not loading.

After I enter my login information on localhost, first it requests a URL like

http://localhost:8080/api/core/v4/captcha?Token=&ForceWebMessaging=1

That responds with an html page with a script embedded, that constructs a url in javascript:

    var url = "\/captcha\/v1\/assets\/?purpose=login";
    // ...

Then it attempts to load that URL http://localhost:8080/captcha/v1/assets/?purpose=login into an iframe, however that URL just loads the app again in what looks like a single-page application catch-all 404 handler sort of route. This loads the login page again, so I'm stuck in a loop:

---

Has anybody got a local login working lately?

[etorhub]

Hello @razzius , I am actually stucked on the same issue. Did you had any luck solving it?

[jonhermansen]

@etorhub @razzius I looked deep into this again recently, but did not come up with any workable solution.

The issue has to do with the proton-verify app, which is responsible for human verification.

The response headers for that app do not allow it to be embedded in iframes when the parent page is localhost.

You may try to work around this somehow by enabling SSL, running webpack on port 443, and fiddling with /etc/hosts (add a line -- 127.0.0.1 verify.proton.me) or something like that.

Then set up a local proxy that strips these response headers. And force browser to allow self-signed certificates.

[jonhermansen]

For more background information on how X-Frame-Options and Content Security Policy all works, check MDN:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP