search

apioo / fusio

Open source API management platform
https://www.fusio-project.org
Apache License 2.0
1.87k stars 224 forks source link

Fusio 5.1.6 Could not authenticate issue #593

Closed prbt2016 closed 1 week ago

prbt2016 commented 1 week ago

Hello @chriskapp .

I was in the process of manual installation of Fusio 5.1.6 on CentOS Linux release 7.9.2009 (Core) with PHP 8.2 , MYSQL 5.7, Apache 2.4 .

I used following steps :

  1. Download fusio from https://github.com/apioo/fusio/releases/download/v5.1.6/fusio.zip
  2. Use manual method mentioned here https://docs.fusio-project.org/docs/installation/#manual-setup
  3. However, after successful installation , I get the following error when I try to log in i.e Could not authenticate

Following is the screenshot of the same : fusio

Following is the trace from browser's network panel : 

XHRPOST
http://{{URL}}/{{TO}}/{{FUSIO}}/public/authorization/token
[HTTP/1.1 404 Not Found 551ms]

POST
http://{{URL}}/{{TO}}/{{FUSIO}}/public/authorization/token
Status
404
Not Found
VersionHTTP/1.1
Transferred516 B (315 B size)
Referrer Policystrict-origin-when-cross-origin
Request PriorityHighest

Connection
    Keep-Alive
Content-Length
    315
Content-Type
    text/html; charset=iso-8859-1
Date
    {{DATE}} GMT
Keep-Alive
    timeout=5, max=100
Server
    Apache

Accept
    application/json
Accept-Encoding
    gzip, deflate
Accept-Language
    en-US,en;q=0.5
Authorization
    Basic {{VALUE}}
Connection
    keep-alive
Content-Length
    35
Content-Type
    application/json
Cookie
    {{COOKIE}}
Host
    {{HOST}}
Origin
    {{DOMAIN_NAME}}
Referer
    http://{{URL}}/{{TO}}/{{FUSIO}}/public/apps/fusio/login
User-Agent
    SDKgen Client v2.0

Also I compared Fusio 5.1.6 with Fusio 5.1.5, it seems that the .htaccess inside 'public' folder is missing in 5.1.6, which might be causing the issue.

The .htaccess contains following contents : 

RewriteEngine On
RewriteCond %{REQUEST_URI} !^/apps/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.php/$1 [L]

RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

Is that removed on purpose or is it a packaging issue?.

Could you please check and fix this ?.

chriskapp commented 1 week ago

Hi @prbt2016 this is indeed a packaging issue, since the github action some how ignores hidden files, I have just added the .htaccess to the zip file, so it should work now.

prbt2016 commented 1 week ago

Hello @chriskapp ,

Thanks for the fix. Issue got fixed after redownloading latest 5.1.6. Everything works fine now. You can close this issue.

Regards.