Open maniackcrudelis opened 1 year ago
maniackcrudelis
commented
1 year ago Update on that issue, still relevant.
I've tried to purge all Refresh Tokens I had, without any success.
Also tried to add trusted_networks: - 192.168.1.48 and trusted_proxies: - 192.168.1.48 but nothing solved the issue.
No problem have arisen from Chromium, the issue only exist with Firefox.
I have no idea what really cause the issue, since it was perfectly working until the upgrade.
maniackcrudelis
commented
1 year ago After an upgrade to 2023.3.6, the issue is still there.
I've seen a lot of reports on the forum about the same issue, would be really appreciated if someone can have a look at it.
vicfalls
commented
1 year ago I do have the same issue:
Home Assistant 2023.4.2 Supervisor 2023.04.0 Operating System 9.5 Frontend 20230406.1 - latest
Logger: homeassistant.components.http.ban
Source: components/http/ban.py:80
Integration: HTTP ([documentation](https://www.home-assistant.io/integrations/http), [issues](https://github.com/home-assistant/home-assistant/issues?q=is%3Aissue+is%3Aopen+label%3A%22integration%3A+http%22))
First occurred: 11:31:20 (135 occurrences)
Last logged: 12:08:16
Login attempt or request with invalid authentication from x.x.x.x (x.x.x.x). Requested URL: '/auth/token'. (Home Assistant/2023.2.1 (io.robbie.HomeAssistant; build:2023.452; macOS(Catalyst) 13.2.1) Alamofire/5.6.2)
Login attempt or request with invalid authentication from 192.168.1.197 (192.168.1.197). Requested URL: '/api/websocket'. (Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Home Assistant/2023.2.1 (io.robbie.HomeAssistant; build:2023.452; macOS 13.2.1) Mobile/HomeAssistant, like Safari)
Does anyone knows what I can do?
Thanks Vic
blackwood821
commented
1 year ago I'm experiencing the same issue when attempting to link the home assistant alexa skill from the alexa app. I can log in using my public home assistant URL in the browser with the exact same credentials without issue.
tomg1970
commented
1 year ago I do have the same issue:
Home Assistant 2023.4.2
Supervisor 2023.04.0
Operating System 9.5
Frontend 20230406.1 - latest
Logger: homeassistant.components.http.ban
Source: components/http/ban.py:80
Integration: HTTP ([documentation](https://www.home-assistant.io/integrations/http), [issues](https://github.com/home-assistant/home-assistant/issues?q=is%3Aissue+is%3Aopen+label%3A%22integration%3A+http%22))
First occurred: 11:31:20 (135 occurrences)
Last logged: 12:08:16
Login attempt or request with invalid authentication from x.x.x.x (x.x.x.x). Requested URL: '/auth/token'. (Home Assistant/2023.2.1 (io.robbie.HomeAssistant; build:2023.452; macOS(Catalyst) 13.2.1) Alamofire/5.6.2)
Login attempt or request with invalid authentication from 192.168.1.197 (192.168.1.197). Requested URL: '/api/websocket'. (Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Home Assistant/2023.2.1 (io.robbie.HomeAssistant; build:2023.452; macOS 13.2.1) Mobile/HomeAssistant, like Safari)Does anyone knows what I can do?
Thanks Vic
same error
Ufinexa
commented
1 year ago Had the same issue after attempting to call for my lights using my stream deck today, I am assuming a new update has broken something?
fabulouss56
commented
1 year ago Hi, I have the same issue 20230503.3 : 2023.5.4
i don't have any file named : ip_bans in my config folder.
Logger: homeassistant.components.http.ban Source: components/http/ban.py:80 Integration: HTTP (documentation, issues) First occurred: 01:34:33 (12 occurrences) Last logged: 01:54:32
Login attempt or request with invalid authentication from 192.168.1.254 (192.168.1.254). Requested URL: '/auth/token'. (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36) Login attempt or request with invalid authentication from 192.168.1.254 (192.168.1.254). Requested URL: '/auth/login_flow/a3e1420b9bec3970a4dd1aa58f35ab16'. (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36)
Some news on it ?
maniackcrudelis
commented
1 year ago Currently on 2023.5.4, the error is still there. It doesn't seems to have been any fix on this issue...
MikOsle
commented
1 year ago I have the same error. I cannot access from LAN, only from WAN. And not ip_ban:yaml file is generated. It seems like all local IPs are banned.
kaylamillerdev
commented
1 year ago Currently have this issue on 2023.7.1 :(
Haeusele
commented
1 year ago I have the same problem while trying to authorize the alexa skill. Login in the browser works well.
2023-07-09 21:49:35.304 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from dynamic-xxx-114-093-083.46.114.pool.telefonica.de (46.114.93.xx). Requested URL: '/auth/login_flow/7a7251da7304e66f2b3eed5033afb2xx'. (Mozilla/5.0 (Android 13; Mobile; rv:109.0) Gecko/115.0 Firefox/115.0)
yersoncontacto
commented
1 year ago Same error here :( [homeassistant.components.http.ban] Login attempt or request with invalid authentication from customer.sntochl1.pop.starlinkisp.net Requested URL: '/auth/token'. (Home Assistant/2023.4 (io.robbie.HomeAssistant; build:2023.460; iOS 16.5.1) Alamofire/5.6.4)
edwin19861218
commented
1 year ago same error in 20230705.1: 2023-07-11 22:02:55.744 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from edwinsmacmini (10.0.0.5). Requested URL: '/auth/login_flow/966547c93ddf3d00bd6e7306ab5d8a9b'. (Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148 Safari/604.1)
blackwood821
commented
1 year ago In case this helps anyone else, my issue was that I was using a password manager (LastPass) when linking the skill in the Alexa app and even though it filled in the username and password on the home assistant login form, it must not have been triggering a changed event because it was not submitting any credentials. As soon as I focused on the password field, added a space and deleted a space and resubmitted the form, it worked.
andyli1985
commented
1 year ago In case this helps anyone else, my issue was that I was using a password manager (LastPass) when linking the skill in the Alexa app and even though it filled in the username and password on the home assistant login form, it must not have been triggering a changed event because it was not submitting any credentials. As soon as I focused on the password field, added a space and deleted a space and resubmitted the form, it worked.
Thank you so much! Following your instruction solved my problem. In my case, I was using Bitwarden to fill in the password.
HakamSaffour
commented
1 year ago 
mwhrtin
commented
10 months ago In case this helps anyone else, my issue was that I was using a password manager (LastPass) when linking the skill in the Alexa app and even though it filled in the username and password on the home assistant login form, it must not have been triggering a changed event because it was not submitting any credentials. As soon as I focused on the password field, added a space and deleted a space and resubmitted the form, it worked.
I just want to mention that this solved my issues as well. I've had this issue from time to time across different Home Assistant versions, when logging in on different machines using different browsers, and I've never been able to figure out why some were getting IP blocked shortly after login and why others didn't . After reading this I realized that I was using either Safari autofill or Strongbox autofill when entering the credentials every time my IP was blocked.
I copy-pasted the credentials to the Home Assistant login form instead of using the Safari autofill on one of the machines that were continuously IP blocked directly after login, and when doing this manually instead of with autofill the login was successful and the authentication persisted without getting IP blocked..
apedance
commented
9 months ago Having the same issue with latest updates as of today. Using home assistant cloud as connection. Unable to login. Using nginx provided url. Unable to login.
projektdotnet
commented
9 months ago Was also using a password manager (bitwarden) to auto-fill, manually filling fields also resolved for me on mobile FF which is the only place it was having issues. Thank you @blackwood821!
AlexeyVT
commented
7 months ago Had the same problem. In the browser console log I found that there was no connection to the web socket. I adjusted the availability of wss, the problem was solved. Maybe it will help someone
malballuk1
commented
7 months ago Just started getting this issue Login attempt or request with invalid authentication from 192.168.1.243 (192.168.1.243). See the log for details.
This notification comes up when I play a track from my mobile to the Sonos play 1 not touching HA
I do have the Sonos integration but not playing from there
LLin233
commented
6 months ago Had the same problem. In the browser console log I found that there was no connection to the web socket. I adjusted the availability of wss, the problem was solved. Maybe it will help someone
could you add some details about how you adjust the availability of wss? Thanks!
sven-debug
commented
4 months ago Same issue here. Any news on a solution progress?
miamilabs
commented
4 months ago I moved my docker container from 1 to another machine and then this started to happen.. The original machine still works... Any one managed to fix this?
troffasky
commented
4 months ago Not sure what caused this for me. UI stopped responding so I refreshed the tab. It accepts a login and then just goes round in a loop. Restarted container, deleted all cookies, no difference. For me, updating to 2024.5.1 was the fix.
empewoow
commented
1 month ago Got the same issue, with Bitwarden autofill it did not work, while copying and pasting the username and password works...
troffasky
commented
1 month ago For me, updating to 2024.5.1 was the fix.
I am pretty sure now that the update itself wasn't the fix, it was the update process that did something to un-block my IP.
leonbrag
commented
2 weeks ago I have the same issue. I am running HASS in Docker container. I also have Frigate integration enabled.
homeassistant | 2024-08-19 21:59:04.567 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 192.168.4.158 (192.168.4.158). Requested URL: '/auth/token'. (HomeAssistant-Extensions-PushProvider/2024.7 (io.robbie.HomeAssistant.PushProvider; build:2024.730; iOS 17.5.1) Alamofire/5.8.0)``
The problem
Since the upgrade from 2023.2.3 to 2023.3.4, I have recurrent errors saying
Login attempt or request with invalid authenticationwhen using the API.The errors, so far, happened with the custom card mini graph card and with the automations themselves, as soon as I go to config/automation/dashboard.
Each time, an error appears saying
The IP is from my main computer visiting the web interface.
I managed to solve temporarily the issue by cleaning up completely the Local storage of my Firefox. But the issue reappears soon afterwards.
The error is fatal, with the custom card mini graph card, I don't have any graph showing, and with the automation, en error message says
This automation can not be edited from the UI, because it is not stored in the automations.yaml file, or doesn't have an ID.If I try to migrate, as suggested, I have en errorResponse error: 401and the same log about the login attempt.The issue does not happen with Chromium (so far...) and didn't happened with the version 2023.2.3.
What version of Home Assistant Core has the issue?
2023.3.4
What was the last working version of Home Assistant Core?
2023.2.3
What type of installation are you running?
Home Assistant Core
Integration causing the issue
No response
Link to integration documentation on our website
No response
Diagnostics information
No response
Example YAML snippet
No response
Anything in the logs that might be useful for us?
Additional information
No response