search

YunoHost-Apps / discourse_ynh

Discourse package for YunoHost
https://www.discourse.org/
GNU General Public License v2.0
24 stars 11 forks source link

Loose user admin after new connexion and create a new user LDAP #189

Open rodinux opened 3 weeks ago

rodinux commented 3 weeks ago

Describe the bug

Sign in again with the admin user LDAP create a new user changing last name letter

Context

Steps to reproduce

Expected behavior

Keep my admin user LDAP safe, when login again it should have recognize it

Logs

/var/log/nginx/discourse.domain.tld-access.log

XX.XXX.XX.XXX - - [09/Jul/2024:17:35:41 +0000] "GET /u/check_username?username=&email=user_foo%40habicoop.fr HTTP/2.0" 200 16 "https://discourse.domain.tld/login" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:35:41 +0000] "GET /u/check_username?username=technique_numericoo1&email=user_foo%40habicoop.fr HTTP/2.0" 200 39 "https://discourse.domain.tld/login" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:06 +0000] "GET /session/csrf HTTP/2.0" 200 99 "https://discourse.domain.tld/login" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:06 +0000] "GET /u/check_username?username=&email=user_foo%40habicoop.fr HTTP/2.0" 200 16 "https://discourse.domain.tld/login" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:08 +0000] "POST /u HTTP/2.0" 200 101 "https://discourse.domain.tld/login" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:08 +0000] "POST /login HTTP/2.0" 302 109 "https://discourse.domain.tld/login" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:09 +0000] "GET /u/account-created HTTP/2.0" 302 92 "https://discourse.domain.tld/login" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:09 +0000] "GET / HTTP/2.0" 200 51607 "https://discourse.domain.tld/login" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:12 +0000] "GET /images/discourse-logo-sketch-small.png HTTP/2.0" 200 62655 "https://discourse.domain.tld/" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
194.11.20.66 - - [09/Jul/2024:17:36:13 +0000] "GET /plugins/discourse-narrative-bot/images/font-awesome-ellipsis.png HTTP/1.1" 200 822 "-" "Ruby"
194.11.20.66 - - [09/Jul/2024:17:36:13 +0000] "GET /plugins/discourse-narrative-bot/images/font-awesome-bookmark.png HTTP/1.1" 200 733 "-" "Ruby"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:17 +0000] "GET /notifications?recent=true&limit=30 HTTP/2.0" 200 406 "https://discourse.domain.tld/" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:20 +0000] "GET /notifications?recent=true&limit=30 HTTP/2.0" 200 406 "https://discourse.domain.tld/" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:22 +0000] "GET /notifications?recent=true&limit=30 HTTP/2.0" 200 406 "https://discourse.domain.tld/" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:22 +0000] "GET /letter_avatar_proxy/v4/letter/t/c89c15/32.png HTTP/2.0" 500 0 "https://discourse.domain.tld/" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
XX.XXX.XX.XXX - - [09/Jul/2024:17:36:25 +0000] "DELETE /session/user_fo1 HTTP/2.0" 200 20 "https://discourse.domain.tld/" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
rodinux commented 3 weeks ago

well, after been a little discouraged I try remove an reinstall now I have another issue...

https://paste.yunohost.org/raw/ipebonoqur

another test. It seems a problem with dependencies allowed at app collabora, I am right ?

https://paste.yunohost.org/raw/atupesuduy