API unable to authenticate after updating Inventree

[JacobEFO]

Hi,

After I recently updated Inventree to the latest stable version and the API to 0.14.0 all my API based scripts have problems authenticating yielding a server connection issue. More precisely I get the following error:

Server connection error: <class 'requests.exceptions.ConnectionError'>
InvenTree server is not connected. Skipping authentication check
Traceback (most recent call last):
  File "/Users/jefo/MEGA/Electronics/PowerGaard/kicad/database/pgdb/mwe.py", line 4, in <module>
    api = InvenTreeAPI("http://inventree.localhost", username="root", password="jefo123")
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/jefo/anaconda3/lib/python3.11/site-packages/inventree/api.py", line 77, in __init__
    self.connect()
  File "/Users/jefo/anaconda3/lib/python3.11/site-packages/inventree/api.py", line 131, in connect
    raise ConnectionError("Authentication at InvenTree server failed")
ConnectionError: Authentication at InvenTree server failed

I've gone down to a minimum example of the following code, where I have replaced username and password:

from inventree.api import InvenTreeAPI

if __name__ == "__main__":
    api = InvenTreeAPI("http://inventree.localhost", username="username", password="password")

I have also tried accessing with a token that worked last week on an older version of Inventree (v14.2 I believe it was). I am wondering why it states: 'InvenTree server is not connected.' because I have access to it on the new platform https://inventree.localhost/platform or the old GUI on https://inventree.localhost.

I have similarly tried accessing with pots 1337 and 8000 but unsurprisingly they do not work, as I have not specified any specific link in the INVENTREE_URL_SITE environment variable. Switching between http and https and using other combinations for the server address such as <URL>/api, <URL>/platform/api etc. similarly yield nothing.

Do you have any ideas what's going on?

Version info Macos Monterey: 12.7.5 Inventree source code SHA: 9f35971db17e1660fcd27c752558d41952a3e541 Inventree API: 0.14.0 Docker:

[SchrodingersGat]

These two should be the same.

[JacobEFO]

@SchrodingersGat yes naturally, the latest paste was from one of the tries that I've been running with. Whether it's http or https is no different in the functionality, but I'd expect it should match up with the server instance that uses https.

[SchrodingersGat]

@JacobEFO apologies, I missed the last part where you had already tried that.

Looking at the initial error message it is stating an authentication error - this means the username / password combination is incorrect. Incidentally you should remove that data from your post

[JacobEFO]

I had verified numerous times that both the 'root' user with its accompanying password and my local super user with its respective password could indeed log in on the webpage but would fail authentication on the API. Similarly using a token that had previously been used successfully for authentication prior to updating Inventree failed with the same error.

[SchrodingersGat]

That is very odd. I have just confirmed that the latest inventree-python lib works with a local setup and also the demo server.

Can you check if you can connect to:

• host: https://demo.inventree.org
• username: admin
• password: inventree

(using your current python setup)

[JacobEFO]

I can successfully log-in through the web-page but also gain access using the API using username/password.

So I might just conclude, this is an inventree installation/setup problem more than the API at least.

[reid-p]

I've got exactly the same issue Web access login works fine, password double and triple checked python api using token or basic logon fails with "Authentication at InvenTree server failed"

[JacobEFO]

I have still yet to find a resolution. At the moment I put my inventree work on the shelf and hope to return in a newer version where this bug might just be miraculously solved :)

[SchrodingersGat]

@reid-p @JacobEFO have you tested access against the demo server?

[reid-p]

Yes the demo works. I can see the creds being sent in the headers, so seems to be a server side issue.

I'm using inventree-python 0.14, installed via pip.

Here's the details of my server:

Version Information:

InvenTree-Version: 0.15.3 Django Version: 4.2.12 Commit Hash: d4d9aa9 Commit Date: 2024-05-28 Commit Branch: stable Database: mysql Debug-Mode: True Deployed using Docker: False Platform: Linux-5.14.0-427.18.1.el9_4.x86_64-x86_64-with-glibc2.34 Installer: GIT

Active plugins: [{'name': 'InvenTreeBarcode', 'slug': 'inventreebarcode', 'version': '2.0.0'}, {'name': 'InvenTreeCoreNotificationsPlugin', 'slug': 'inventreecorenotificationsplugin', 'version': '1.0.0'}, {'name': 'InvenTreeCurrencyExchange', 'slug': 'inventreecurrencyexchange', 'version': '1.0.0'}, {'name': 'InvenTreeLabel', 'slug': 'inventreelabel', 'version': '1.0.0'}, {'name': 'InvenTreeLabelMachine', 'slug': 'inventreelabelmachine', 'version': '1.0.0'}, {'name': 'InvenTreeLabelSheet', 'slug': 'inventreelabelsheet', 'version': '1.0.0'}, {'name': 'DigiKeyPlugin', 'slug': 'digikeyplugin', 'version': '1.0.0'}, {'name': 'LCSCPlugin', 'slug': 'lcscplugin', 'version': '1.0.0'}, {'name': 'MouserPlugin', 'slug': 'mouserplugin', 'version': '1.0.0'}, {'name': 'TMEPlugin', 'slug': 'tmeplugin', 'version': '1.0.0'}]

[SchrodingersGat]

Ok, so the demo server is running "master" branch, whereas you are running "stable". Perhaps there is a difference there

[reid-p]

Solved for my setup. Had to add "WSGIPAssAuthorization On" to the apache config. Authorization header wasn't getting sent thru.

Thou I tried a coupe of other things as well on the way. Downgrade to python 3.11 (from 3.12). Haven't tried 3.12 again. pulled the latest changes on stable to 0.15.4 / fa1a9da23a86a1cc6bea29e647c268872a15dcb1 reinstalled the python venv and reset the database to initial setup. played with a couple of setting in the config.yaml related to cookies.

"invoke server" worked ok which suggested an apache config issue.

@JacobEFO, The following patch helped debug the issue for me.

diff --git a/src/backend/InvenTree/InvenTree/middleware.py b/src/backend/InvenTree/InvenTree/middleware.py
index d5463af22..c5b422342 100644
--- a/src/backend/InvenTree/InvenTree/middleware.py
+++ b/src/backend/InvenTree/InvenTree/middleware.py
@@ -70,6 +70,7 @@ class AuthRequiredMiddleware(object):

         # API requests are handled by the DRF library
         if request.path_info.startswith('/api/'):
+            print(f"{request.headers}")
             response = self.get_response(request)
             return response

[JacobEFO]

Thanks for following up. However, I seem to have no luck at all still.

Where did you add the WSGIPAssAuthorization On flag?

[SchrodingersGat]

@JacobEFO are you behind another layer of proxy / etc?

[JacobEFO]

@JacobEFO are you behind another layer of proxy / etc?

Sorry @SchrodingersGat, sometimes I just don't get updates. I am not behind any proxy or anything like that whatsoever. My network setup has not changed inbetween me switching versions.