go-gitea / gitea

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
https://gitea.com
MIT License

New user cannot be created using curl and Swagger API: user does not exist [uid: 0, name: , keyid: 0] #27695

Open cmoulliard opened 1 year ago

cmoulliard commented 1 year ago

Description

Issue

New user cannot be created using curl and the Swagger API, as we got the response: user does not exist [uid: 0, name: , keyid: 0]

Command executed:

TOKEN=$(curl -s -k -H "Content-Type: application/json" -d '{"name":"init","scopes": ["write:user", "write:admin", "write:repository"]}' -u gitea_admin:gitea_admin https://gitea.localtest.me/api/v1/users/gitea_admin/tokens | jq -r .sha1)
echo $TOKEN
42d5804b9f1bc22da80896cc356c0681fc0994be

curl -k -X 'POST' \
  'https://gitea.localtest.me/api/v1/admin/users' \
  -H 'accept: application/json' \
  -H 'Authorization: token $TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
  "email": "user1@cnoe.io",
  "full_name": "user1",
  "login_name": "user1",
  "must_change_password": false,
  "password": "user11234",
  "restricted": false,
  "visibility": "public",
  "send_notify": false,
  "username": "user1"
}'
{"message":"user does not exist [uid: 0, name: , keyid: 0]","url":"http://gitea.localtest.me/api/swagger"}

Gitea Version

1.20.5-rootless

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

2023/10/19 16:26:51 ...eb/routing/logger.go:102:func1() [I] router: completed POST /api/v1/admin/users for 10.244.0.6:46502, 401 Unauthorized in 0.3ms @ auth/middleware.go:39(auth.APIAuth)

Screenshots

No response

Git Version

2.40.1

Operating System

macos

How are you running Gitea?

Here is how I installed gitea

  1. Create a kind kube cluster
    curl -s -L "https://raw.githubusercontent.com/snowdrop/k8s-infra/main/kind/kind.sh" | bash -s install --delete-kind-cluster --port-map 32222:22
  2. Deploy the gitea helm chart
    
    cat <<EOF > helm-values.yml
    redis-cluster:
      enabled: false
    postgresql:
      enabled: false
    postgresql-ha:
      enabled: false

    persistence:
      enabled: false

    gitea:
      admin:
        username: "gitea_admin"
        password: "gitea_admin"
        email: "gi@tea.com"
      config:
        database:
          DB_TYPE: sqlite3
        session:
          PROVIDER: memory
        cache:
          ADAPTER: memory
        queue:
          TYPE: level

    service:
      ssh:
        type: NodePort
        nodePort: 32222
        externalTrafficPolicy: Local

    ingress:
      enabled: true
      className: nginx
      hosts:

Database

SQLite

lng2020 commented 1 year ago

Hi, I saw you solved your problem on the Discord channel. Is it okay to close it?

cmoulliard commented 1 year ago

We can close it, but nevertheless it would be great to send back a more user-friendly message as the response!

lng2020 commented 1 year ago

So what's the bug? I'm also confused about why this happened.

cmoulliard commented 1 year ago

The error was not at all related to the message returned :-(

We cannot create a user using a TOKEN but instead the username/password of the ADMIN user. So this request should work

curl -k -X 'POST' \
  "$GITEA_API_URL/v1/admin/users" \
  -H 'accept: application/json' \
  -u "gitea_admin:gitea_admin" \
  -H 'Content-Type: application/json' \
  -d '{
  "email": "user1@cnoe.io",
  "full_name": "user1",
  "login_name": "user1",
  "must_change_password": false,
  "password": "user11234",
  "restricted": false,
  "visibility": "public",
  "send_notify": false,
  "username": "user1"
}'

LeonDevLifeLog commented 1 year ago

It's your fault, this is not a bug. $TOKEN is not replaced by the real token in the curl command.

It works when you replace -H 'Authorization: token $TOKEN' \ with -H "Authorization: token $TOKEN" \


LeonDevLifeLog commented 1 year ago

Maybe I can improve the error info.

cmoulliard commented 1 year ago

it works when you replace

Single quotes should be replaced by double quotes :-)

cmoulliard commented 1 year ago

Maybe I can improve the error info.

Yes please, as the message is not related at all to what the root cause is

LeonDevLifeLog commented 1 year ago

I think for security reasons it should not be modified, because the error message will be too detailed.

cmoulliard commented 1 year ago

Then the error message should be "authentication failed" instead of "user does not exist [uid: 0, name: , keyid: 0]"

LeonDevLifeLog commented 1 year ago

Agree
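
The quoting behaviour behind this issue, as an added example that is not part of the original thread or of Gitea: single quotes hand curl the literal text `$TOKEN`, double quotes hand it the token's value, and a pre-flight check catches the mistake before any request is sent. The helper names and the token value are constructed, and the 40-hex-character token shape is an assumption taken from the value echoed in the issue.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, not part of Gitea or curl.
# Constructed token, same shape (40 lowercase hex chars) as the one echoed in the issue.
TOKEN='0123456789abcdef0123456789abcdef01234567'

# Single quotes: the shell passes the text through untouched.
header_single_quoted() { printf '%s' 'Authorization: token $TOKEN'; }

# Double quotes: the shell substitutes the variable's value.
header_double_quoted() { printf '%s' "Authorization: token $TOKEN"; }

# Pre-flight check for a header about to be handed to curl -H.
# Returns 0 if usable, 2 wrong scheme, 3 empty, 4 unexpanded variable, 5 wrong shape.
validate_auth_header() {
  vah_prefix='Authorization: token '
  case $1 in
    "$vah_prefix"*) vah_value=${1#"$vah_prefix"} ;;
    *) echo 'not an "Authorization: token" header' >&2; return 2 ;;
  esac
  if [ -z "$vah_value" ]; then
    echo 'token is empty (was the variable set?)' >&2; return 3
  fi
  case $vah_value in
    *'$'*) echo 'token contains a literal $: variable was not expanded' >&2; return 4 ;;
  esac
  # Assumption: tokens are exactly 40 lowercase hex characters.
  case $vah_value in
    *[!0-9a-f]*) echo 'token has non-hex characters' >&2; return 5 ;;
  esac
  if [ "${#vah_value}" -ne 40 ]; then
    echo 'token is not 40 characters long' >&2; return 5
  fi
  return 0
}

# Demo: show what each quoting style would actually put on the wire.
for style in single double; do
  header=$("header_${style}_quoted")
  if validate_auth_header "$header" 2>/dev/null; then
    echo "$style quotes: OK to send"
  else
    echo "$style quotes: rejected before sending -> $header"
  fi
done
```

The empty-token branch also covers the case where the `jq -r .sha1` step produced nothing and `$TOKEN` expanded to an empty string.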