causefx / Organizr

HTPC/Homelab Services Organizer - Written in PHP
GNU General Public License v3.0
5.19k stars 292 forks

Traefik Redirection adds an . at ending #1484

Closed DunklerPhoenix closed 4 years ago

DunklerPhoenix commented 4 years ago
Organizr Version: V 2.1.0
Branch: v2-develop
Operating System: Debian Buster - Docker Container

Problem Description:

Since some updates, the Traefik auth redirection adds an ending dot to the address. This is preventing proper logging in.

For example: I open https://portainer.domain.com, which has the middleware "http.middlewares.organizr-auth-admin.forwardAuth". In Organizr the Traefik auth redirect option is active and I'm not logged in. At this moment I'll get redirected to https://console.domain.com. (with ending dot) [console.domain.com is Organizr]. This breaks the function of the login window. It will work again if I remove this dot.

Traefik Middleware

   [http.middlewares]
      [http.middlewares.organizr-auth-admin.forwardAuth]
         address = "https://console.domain.com/api/v2/auth?group=0"
         trustForwardHeader = true

There is no error message. Just a message from the Google Analytics cookie that the domain is invalid (I think it's caused by the dot. Maybe all cookies are invalid then).

causefx commented 4 years ago

Can anyone else using Traefik confirm??

Gibletron commented 4 years ago

Can confirm! Using Traefik v2.3.2 the new auth api adds a trailing .

causefx commented 4 years ago

So is this a Traefik bug? Organizr doesn't add any trailing dots from my review.

Gibletron commented 4 years ago

Well, not entirely sure. The problem didn't exist until I updated Organizr, and my Traefik config also doesn't add any trailing dot anywhere. It has something to do with Organizr auth; nowhere else is a dot added, except when using Organizr auth AND there is no current login cookie. In that case I should get forwarded/redirected to the Organizr subdomain (organizr.mydomain.com), but somehow a dot is added onto the end.

Fma965 commented 4 years ago

Can confirm the same thing on both my server and my friend's server.

doug-w commented 4 years ago

I'm seeing this as well but can confirm it's not from Traefik. From inside a docker container from organizr/organizr:

root@1e82dca337d5:/$ curl -v 'http://localhost/api/v2/auth?group=2'

Notice the location is to 'localhost.'

HalianElf commented 4 years ago

That should either be returning a 401 or a 200. I'm not sure why you're getting a 302.

:/opt/swag/nginx$ docker exec -it organizr curl -v http://localhost/api/v2/auth?group=0
*   Trying 127.0.0.1:80...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /api/v2/auth?group=0 HTTP/1.1
> Host: localhost
> User-Agent: curl/7.69.1
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< Server: nginx
< Date: Tue, 10 Nov 2020 03:06:28 GMT
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< 
{
    "response": {
        "result": "error",
        "message": "User: Guest | Group: 999 | IP: 127.0.0.1 | Requesting Access to Group 0 | Result:  User is not Authorized or User is locked",
        "data": null
    }
* Connection #0 to host localhost left intact

causefx commented 4 years ago

I just tried from organizr container too:

root@organizr-sonflix:/$ curl -v 'http://localhost/api/v2/auth?group=2'
*   Trying 127.0.0.1:80...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /api/v2/auth?group=2 HTTP/1.1
> Host: localhost
> User-Agent: curl/7.69.1
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< Server: nginx/1.18.0
< Date: Tue, 10 Nov 2020 03:55:07 GMT
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< 
{
    "response": {
        "result": "error",
        "message": "User: Guest | Group: 999 | IP: 127.0.0.1 | Requesting Access to Group 2 | Result:  User is not Authorized or User is locked",
        "data": null
    }
* Connection #0 to host localhost left intact
}

causefx commented 4 years ago

My bad, fellas - I was testing with the Traefik button off. This is now fixed in dev. Will be pushed to master - hopefully tomorrow.
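
A regression check for the symptom reported in this thread, as an added example that is not part of the thread or of Organizr's code: it flags an auth-endpoint redirect whose host ends in a dot and applies a literal RFC 6265 domain-match to show that such a host falls outside a cookie scoped to the undotted domain. The sample responses, the function names and the `domain.com` cookie scope are constructed for illustration; actual browser handling of trailing-dot hosts is not modelled.

```python
from urllib.parse import urlsplit

# Constructed samples shaped like the responses discussed in the thread
# (placeholder domain from the report; not captured output).
SAMPLE_302 = (
    "HTTP/1.1 302 Found\r\n"
    "Server: nginx\r\n"
    "Location: https://console.domain.com.\r\n"
    "\r\n"
)
SAMPLE_401 = "HTTP/1.1 401 Unauthorized\r\nServer: nginx\r\n\r\n"


def parse_response_head(raw):
    """Return (status_code, {lowercased header name: value}) from a raw response head."""
    lines = raw.split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        if not line:  # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers


def domain_match(host, cookie_domain):
    """RFC 6265 section 5.1.3 domain-match on literal strings.

    Simplified: no trailing-dot stripping and no IP-address exclusion.
    """
    host, cookie_domain = host.lower(), cookie_domain.lower()
    return host == cookie_domain or host.endswith("." + cookie_domain)


def check_auth_response(raw, cookie_domain):
    """List problems with an auth response: dotted redirect host, cookie scope miss."""
    status, headers = parse_response_head(raw)
    problems = []
    if status in (301, 302, 303, 307, 308):
        host = urlsplit(headers.get("location", "")).hostname or ""
        if host.endswith("."):
            problems.append(f"redirect host {host!r} ends with a dot")
        if not domain_match(host, cookie_domain):
            problems.append(f"{host!r} does not domain-match cookie domain {cookie_domain!r}")
    return problems
```
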