[Bug Report] Cannot login: Invalid cookie value

[supasonix-zuv]

Describe the bug At some point I stopped being able to log into Mango, I only noticed it last night, I'm not sure when it started. If I try to login I get: [DEBUG] {Timestamp} | User {username} verified [ERROR] {Timestamp} | Invalid cookie value [DEBUG] {Timestamp} | 302 POST /login [DEBUG] {Timestamp} | 200 GET /login and sometimes [ERROR] {Timestamp} | Error when verifying user : no results, with no username returned, even when I entered a known username. in addition, trying to login with authentication disabled returns: [ERROR] {Timestamp} | Nil Assertion Failed [DEBUG] {Timestamp} | Password does not match the hash or [ERROR] {Timestamp} | Error when verifying user : no results depending on what fields are filled in. Also I don't recall needing to visit the /login baseurl to login, but going to just ${IP Address}:9000 gives a 500 server error with [ERROR] {Timestamp} | Unhandled exception on HTTP::Handler, but I might have just never noticed it

This persists through a full removal of the mango config directory

To Reproduce

1. Try to login
2. See error in console

Expected behavior I can log in with the password I'm definitely not misspelling

Environment (please complete the following information):

• OS: Ubuntu 20.04
• Browser: Occurs on both Firefox and Tachiyomi's extension, the Tachiyomi extension worked for a time, until I restarted the server, at which point it also stopped working.
• Mango Version: 0.26.2 (docker:latest)

Docker (if you are running Mango in a Docker container)

• The docker-compose.yml file you are using, or your .env file. ` mango:
  image: hkalexling/mango container_name: mango restart: unless-stopped expose:
  • 9000
    ports:
    • 9000:9000
      volumes:
    • /mnt/SSD/mango:/root/mango
    • /mnt/SSD/mango/.config:/root/.config/mango
    • /mnt/HDD/Reading/Manga:/root/mango/library ` Additional context In docker exec I can add a user with a password and it still doesn't work.

[hkalexling]

Hi thanks for the report. I couldn't reproduce the issue following your steps and setup, and the error messages you posted seem to be suggesting conflicting things so it's really mind-boggling to me.

In docker exec I can add a user with a password and it still doesn't work.

Can you try to log in to the newly created account and then paste the debug log here?

[supasonix-zuv]

Aaand it works now, great. Nothing of any interest showed up in the debug log this time, but I'll attach it anyway. I'm just as boggled. Closing this issue. mango.log

[hkalexling]

Glad that it's working now, and yeah the log looks all good. Let me know if it happens again or if you have more information to share.

[supasonix-zuv]

Well, it's happened again, I generated a new user with mango admin, "root", gave admin access and a password, etc etc. When trying to login with debug all I get is this: [DEBUG] 2022/07/24 11:57:22 | User root verified [ERROR] 2022/07/24 11:57:22 | Invalid cookie value [DEBUG] 2022/07/24 11:57:22 | 302 POST /login 111.4ms [DEBUG] 2022/07/24 11:57:22 | 200 GET /login 26.57µs [DEBUG] 2022/07/24 11:57:22 | 200 GET /js/common.js 59.3µs [DEBUG] 2022/07/24 11:57:22 | 200 GET /css/mango.css 10.13ms [DEBUG] 2022/07/24 11:57:22 | 200 GET /favicon.ico 185.97µs I am getting a bunch of messages about thumbnail generation, seems like mango doesn't like some of my archives/some files are broken, and thumbnail generation is stuck at 67.9%. Don't know if that's important or not. [WARN] 2022/07/24 12:11:32 | Failed to generate thumbnail for file /root/mango/library/Neon Genesis Evangelion/Neon Genesis Evangelion v14 c96.rar. Corrupt JPEG Unhandled exception in spawn: Nil assertion failed (NilAssertionError) from usr/share/crystal/src/nil.cr:106:5 in 'not_nil!' from Mango/src/library/entry.cr:277:11 in 'generate_thumbnails' from Mango/src/library/library.cr:114:11 in '->' from usr/share/crystal/src/primitives.cr:255:3 in 'run' from ??? [WARN] 2022/07/24 12:11:33 | Unable to read page 1 of /root/mango/library/Ore no Kanojo to Osananajimi ga Shuraba Sugiru + H/Ore no Kanojo to Osananajimi ga Shuraba Sugiru + H v01 c08.zip. Error: deflate: invalid distance too far back The zip archive's file 01 has zero size, but the all the files in the rar seem fine, they all display in feh at least. Hope this information helps in any way.

[supasonix-zuv]

So it looks like it's actually something to do with cookies, that... makes sense. On a hunch I tried logging in with a different Firefox container, and it works. Examining the cookies further, I have a new cookie for the working container, "mango-sessid-{PORT}", and I have an old cookie for "_session_id", which is expired, could the cookie variable have changed? I'm not exactly sure what _session_id could be for, I run a bunch of things from the same IP. Regardless, I feel really foolish for not immediately trying to clear my cookies when reading an error message about an invalid cookie. Hopefully this info helps someone else if they ever run into this edge case.

[hkalexling]

@supasonix-zuv Oh sorry I missed the notification for your previous comment, and I am glad that it's working now! You mentioned that you had the same issue on both Firefox and Tachiyomi so I just assumed it was not a client side issue XD

As for why you have a _session_id cookie I have no idea at all. The cookie name is hardcoded here https://github.com/getmango/Mango/blob/1fb48648ad7c4b7e0eae0730dc30255184ec8aed/src/server.cr#L53 and we never changed it. I guess the mango part was somehow accidentally deleted on your side?