search

lobehub / lobe-chat

🤯 Lobe Chat - an open-source, modern-design AI chat framework. Supports Multi AI Providers( OpenAI / Claude 3 / Gemini / Ollama / Azure / DeepSeek), Knowledge Base (file upload / knowledge management / RAG ), Multi-Modals (Vision/TTS) and plugin system. One-click FREE deployment of your private ChatGPT/ Claude application.
https://chat-preview.lobehub.com
Other
40.96k stars 9.34k forks source link

[Bug] Logto 无法登录进Lobe #3838

Closed TinMiracle closed 1 week ago

TinMiracle commented 1 week ago

📦 Environment

Docker

📌 Version

v1.15.23

💻 Operating System

Ubuntu

🌐 Browser

Chrome

🐛 Bug Description

我使用Logto Cloud 进行部署,部署成功,登录Lobe成功后直接跳转到错误页面如下:

截屏2024-09-09 09 46 39

我自己部署的Logto也是有相同的问题。 我换成Auth0的话,就没有任何问题,可以正常登录跳转。 以下是我.env中的Logto Cloud的代码

KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ=
NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
NEXT_AUTH_SSO_PROVIDERS=logto
LOGTO_CLIENT_ID=lo8du4jwh7d70zasr53ss
LOGTO_CLIENT_SECRETT=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq
LOGTO_ISSUER=https://zo0dnb.logto.app/oidc
NEXTAUTH_URL=https://lobe.tiegg.com/api/auth

以下是测试用的Logto账号密码

Email address: test@example.com
Username: test
Password: 1lVHHK7k

以下是docker log:

[auth][error] CallbackRouteError: Read more at https://errors.authjs.dev#callbackrouteerror
[auth][cause]: TypeError: "client.client_secret" property must be a non-empty string
    at nc (/app/.next/server/chunks/76974.js:357:9466)
    at nd (/app/.next/server/chunks/76974.js:357:10182)
    at nA (/app/.next/server/chunks/76974.js:357:13737)
    at nS (/app/.next/server/chunks/76974.js:357:14183)
    at n$ (/app/.next/server/chunks/76974.js:357:17211)
    at n0 (/app/.next/server/chunks/76974.js:357:27072)
    at async ir (/app/.next/server/chunks/76974.js:357:34046)
    at async ip (/app/.next/server/chunks/76974.js:357:45375)
    at async im (/app/.next/server/chunks/76974.js:357:49748)
    at async /app/node_modules/.pnpm/next@14.2.8_@babel+core@7.23.6_supports-color@8.1.1__@opentelemetry+api@1.9.0_react-dom@18.3._itjmu72s7n7tov6po6nkhcdpya/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:6:36932
[auth][details]: {
  "provider": "logto"
}
[NextAuth] Error: {
  cause: 'Configuration',
  message: 'Wrong configuration, make sure you have the correct environment variables set. Visit https://lobehub.com/docs/self-hosting/advanced/authentication for more details.',
  name: 'NextAuth Error'
}

请问各位大神怎么解决Logto的这个问题。

📷 Recurrence Steps

No response

🚦 Expected Behavior

No response

📝 Additional Information

No response

lobehubbot commented 1 week ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

📦 Environment

Docker

📌 Version

v1.15.23

💻 Operating System

Ubuntu

🌐 Browser

Chrome

🐛 Bug Description

I used Logto Cloud for deployment, and the deployment was successful. After successfully logging into Lobe, I jumped directly to the error page as follows:

Screenshot 2024-09-09 09 46 39

The Logto I deployed myself also has the same problem. If I switch to Auth0, there will be no problems and I can log in and jump normally. The following is the code for Logto Cloud in my .env

KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ=
NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
NEXT_AUTH_SSO_PROVIDERS=logto
LOGTO_CLIENT_ID=lo8du4jwh7d70zasr53ss
LOGTO_CLIENT_SECRETT=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq
LOGTO_ISSUER=https://zo0dnb.logto.app/oidc
NEXTAUTH_URL=https://lobe.tiegg.com/api/auth

The following is the Logto account password used for testing

Email address: test@example.com
Username: test
Password: 1lVHHK7k

The following is the docker log:

[31m[auth][error] [0m CallbackRouteError: Read more at https://errors.authjs.dev#callbackrouteerror
[31m[auth][cause] [0m: TypeError: "client.client_secret" property must be a non-empty string
    at nc (/app/.next/server/chunks/76974.js:357:9466)
    at nd (/app/.next/server/chunks/76974.js:357:10182)
    at nA (/app/.next/server/chunks/76974.js:357:13737)
    at nS (/app/.next/server/chunks/76974.js:357:14183)
    at n$ (/app/.next/server/chunks/76974.js:357:17211)
    at n0 (/app/.next/server/chunks/76974.js:357:27072)
    at async ir (/app/.next/server/chunks/76974.js:357:34046)
    at async ip (/app/.next/server/chunks/76974.js:357:45375)
    at async im (/app/.next/server/chunks/76974.js:357:49748)
    at async /app/node_modules/.pnpm/next@14.2.8_@babel+core@7.23.6_supports-color@8.1.1__@opentelemetry+api@1.9.0_react-dom@18.3._itjmu72s7n7tov6po6nkhcdpya/node_modules/next/dist/ compiled/next-server/app-route.runtime.prod.js:6:36932
[31m[auth][details] [0m: {
  "provider": "logto"
}
[NextAuth] Error: {
  cause: 'Configuration',
  message: 'Wrong configuration, make sure you have the correct environment variables set. Visit https://lobehub.com/docs/self-hosting/advanced/authentication for more details.',
  name: 'NextAuth Error'
}

Could you please tell me how to solve this problem in Logto.

📷 Recurrence Steps

No response

🚦 Expected Behavior

No response

📝 Additional Information

No response

lobehubbot commented 1 week ago

👀 @TinMiracle

Thank you for raising an issue. We will investigate into the matter and get back to you as soon as possible. Please make sure you have given us as much context as possible.\ 非常感谢您提交 issue。我们会尽快调查此事,并尽快回复您。 请确保您已经提供了尽可能多的背景信息。

dosubot[bot] commented 1 week ago

Hello @TinMiracle! I'm here to help you with your technical issues. Let's work together to solve the problem you're facing.

I found a similar closed issue that might help you resolve the Logto authentication error:

  1. Issue: logto登录提示HTTPS错误[Bug] - Closed

    • Solution: Ensure that your application is served over HTTPS. The Crypto.subtle API is only available in secure contexts (HTTPS). You can configure HTTPS for your local deployment using self-signed certificates and Nginx as a reverse proxy [1].

  2. Discussion: logto登录提示HTTPS错误[Bug] - Solved

    • Solution: Temporarily bypass certificate errors using browser flags: --ignore-certificate-errors --unsafely-treat-insecure-origin-as-secure=http://192.168.31.11:3002 [2].

For your specific issue, it seems like there is a typo in your environment variables. The variable LOGTO_CLIENT_SECRETT should be LOGTO_CLIENT_SECRET. Here is the corrected .env configuration:

KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ=
NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
NEXT_AUTH_SSO_PROVIDERS=logto
LOGTO_CLIENT_ID=lo8du4jwh7d70zasr53ss
LOGTO_CLIENT_SECRET=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq
LOGTO_ISSUER=https://zo0dnb.logto.app/oidc
NEXTAUTH_URL=https://lobe.tiegg.com/api/auth

Ensure that these variables are correctly set in your LobeChat environment. After updating the .env file, restart your Docker services to apply the changes:

docker compose up -d

Do not use docker compose restart lobe to restart, as this method will not reload the environment variables, and your configuration changes will not take effect [3][4].

To continue talking to Dosu, mention @dosu.

gmksbk commented 1 week ago

我和你正好相反,logto没问题,auth0提示环境变量错误。。你auth0是如何设置的能发一下吗? 关于logto,本地部署的话会因为证书问题无法正常访问,需要新建一个浏览器快捷方式(chrome浏览器),然后在快捷方式上右键属性,在目标后边加上这句:--ignore-certificate-errors --unsafely-treat-insecure-origin-as-secure=http://你的ip:3002,用这个快捷方式访问即可,不过这样只能本地访问。如果需要外网访问,需要将你的域名反代,监听443端口,logto只支持https

lobehubbot commented 1 week ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

I am exactly the opposite of you. Logto is fine, but auth0 prompts an environment variable error. . Can you tell me how you set up auth0? Regarding logto, if it is deployed locally, it will not be accessible due to certificate issues. You need to create a new browser shortcut (chrome browser), then right-click the properties of the shortcut and add this sentence after the target: --ignore-certificate-errors --unsafely-treat-insecure-origin-as-secure=http://your ip:3002, use this shortcut to access, but this can only be accessed locally. If you need external network access, you need to reverse your domain name and listen to port 443. Logto only supports https.

TinMiracle commented 1 week ago

我和你正好相反,logto没问题,auth0提示环境变量错误。。你auth0是如何设置的能发一下吗? 关于logto,本地部署的话会因为证书问题无法正常访问,需要新建一个浏览器快捷方式(chrome浏览器),然后在快捷方式上右键属性,在目标后边加上这句:--ignore-certificate-errors --unsafely-treat-insecure-origin-as-secure=http://你的ip:3002,用这个快捷方式访问即可,不过这样只能本地访问。如果需要外网访问,需要将你的域名反代,监听443端口,logto只支持https

我用的是Logto Cloud部署的,所以应该不存在https的问题。 这是我的auth0设置

NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
NEXT_AUTH_SSO_PROVIDERS=auth0
AUTH0_CLIENT_ID=VWpqWERQPkyD5AsmABpEfryPxckcyodM
AUTH0_CLIENT_SECRET=0PmZJYEy1ZQxz2SBoqd0J2i8Wn2rou9Vzco2hkPgP4fsGjD6BtHSoqMQ7uFNzpsR
AUTH0_ISSUER=https://dev-whjbzqs0m7slkv0q.us.auth0.com
ACCESS_CODE=232323232323
NEXTAUTH_URL=https://lobe.tiegg.com/api/auth
lobehubbot commented 1 week ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

I am exactly the opposite of you. Logto is fine, but auth0 prompts an environment variable error. . Can you tell me how you set up auth0? Regarding logto, if it is deployed locally, it will not be accessible due to certificate issues. You need to create a new browser shortcut (chrome browser), then right-click the properties of the shortcut and add this sentence after the target: --ignore-certificate-errors --unsafely-treat-insecure-origin-as-secure=[http://your ip:3002, use this shortcut to access, but this can only be accessed locally. If you need external network access, you need to reverse your domain name and listen to port 443. Logto only supports https](http://%E4%BD%A0%E7%9A%84ip:3002%EF%BC%8C%E7 %94%A8%E8%BF%99%E4%B8%AA%E5%BF%AB%E6%8D%B7%E6%96%B9%E5%BC%8F%E8%AE%BF%E9%97 %AE%E5%8D%B3%E5%8F%AF%EF%BC%8C%E4%B8%8D%E8%BF%87%E8%BF%99%E6%A0%B7%E5%8F%AA %E8%83%BD%E6%9C%AC%E5%9C%B0%E8%AE%BF%E9%97%AE%E3%80%82%E5%A6%82%E6%9E%9C%E9 %9C%80%E8%A6%81%E5%A4%96%E7%BD%91%E8%AE%BF%E9%97%AE%EF%BC%8C%E9%9C%80%E8%A6 %81%E5%B0%86%E4%BD%A0%E7%9A%84%E5%9F%9F%E5%90%8D%E5%8F%8D%E4%BB%A3%EF%BC%8C %E7%9B%91%E5%90%AC443%E7%AB%AF%E5%8F%A3%EF%BC%8Clogto%E5%8F%AA%E6%94%AF%E6%8C%81https)

I am using Logto Cloud deployment, so there should be no https problem. This is my auth0 settings

NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
NEXT_AUTH_SSO_PROVIDERS=auth0
AUTH0_CLIENT_ID=VWpqWERQPkyD5AsmABpEfryPxckcyodM
AUTH0_CLIENT_SECRET=0PmZJYEy1ZQxz2SBoqd0J2i8Wn2rou9Vzco2hkPgP4fsGjD6BtHSoqMQ7uFNzpsR
AUTH0_ISSUER=https://dev-whjbzqs0m7slkv0q.us.auth0.com
ACCESS_CODE=232323232323
NEXTAUTH_URL=https://lobe.tiegg.com/api/auth
arvinxx commented 1 week ago

LOGTO_CLIENT_SECRETT=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq

@TinMiracle 多了个 T ?

lobehubbot commented 1 week ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

LOGTO_CLIENT_SECRETT=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq

@TinMiracle An extra T?

TinMiracle commented 1 week ago

LOGTO_CLIENT_SECRETT=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq

@TinMiracle 多了个 T ?

还真是。。。尴尬了 感谢大神!

lobehubbot commented 1 week ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

LOGTO_CLIENT_SECRETT=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq

@TinMiracle has an extra T?

It's true. . . Embarrassing. Thank you God!

lobehubbot commented 1 week ago

✅ @TinMiracle

This issue is closed, If you have any questions, you can comment and reply.\ 此问题已经关闭。如果您有任何问题,可以留言并回复。

Justin3go commented 1 week ago

LOGTO_CLIENT_SECRETT=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq

@TinMiracle 多了个 T ?

文档这里有一点拼写问题,我也是直接复制过来的,也报错了,然后搜到了这个Iusse

image

lobehubbot commented 1 week ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

LOGTO_CLIENT_SECRETT=JuFffZiAU95CktxX2WtAyqOldmC4d2Vq

@TinMiracle has an extra T?

There is a little spelling problem in the document. I copied it directly and reported an error. Then I searched for this Iusse

image

gmksbk commented 1 week ago

我和你正好相反,logto没问题,auth0提示环境变量错误。。你auth0是如何设置的能发一下吗? 关于logto,本地部署的话会因为证书问题无法正常访问,需要新建一个浏览器快捷方式(chrome浏览器),然后在快捷方式上右键属性,在目标后边加上这句:--ignore-certificate-errors --unsafely-treat-insecure-origin-as-secure=http://你的ip:3002,用这个快捷方式访问即可,不过这样只能本地访问。如果需要外网访问,需要将你的域名反代,监听443端口,logto只支持https

我用的是Logto Cloud部署的,所以应该不存在https的问题。 这是我的auth0设置

NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
NEXT_AUTH_SSO_PROVIDERS=auth0
AUTH0_CLIENT_ID=VWpqWERQPkyD5AsmABpEfryPxckcyodM
AUTH0_CLIENT_SECRET=0PmZJYEy1ZQxz2SBoqd0J2i8Wn2rou9Vzco2hkPgP4fsGjD6BtHSoqMQ7uFNzpsR
AUTH0_ISSUER=https://dev-whjbzqs0m7slkv0q.us.auth0.com
ACCESS_CODE=232323232323
NEXTAUTH_URL=https://lobe.tiegg.com/api/auth

感谢。。。我有个变量弄错了,AUTH0_ISSUER

lobehubbot commented 1 week ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

I am exactly the opposite of you. Logto is fine, but auth0 prompts an environment variable error. . Can you tell me how you set up auth0? Regarding logto, if it is deployed locally, it will not be accessible due to certificate issues. You need to create a new browser shortcut (chrome browser), then right-click the properties of the shortcut and add this sentence after the target: --ignore-certificate-errors --unsafely-treat-insecure-origin-as-secure=[http://your ip:3002, use this shortcut to access, but this can only be accessed locally. If you need external network access, you need to reverse your domain name and listen to port 443. Logto only supports https](http://%E4%BD%A0%E7%9A%84ip:3002%EF%BC%8C%E7 %94%A8%E8%BF%99%E4%B8%AA%E5%BF%AB%E6%8D%B7%E6%96%B9%E5%BC%8F%E8%AE%BF%E9%97 %AE%E5%8D%B3%E5%8F%AF%EF%BC%8C%E4%B8%8D%E8%BF%87%E8%BF%99%E6%A0%B7%E5%8F%AA %E8%83%BD%E6%9C%AC%E5%9C%B0%E8%AE%BF%E9%97%AE%E3%80%82%E5%A6%82%E6%9E%9C%E9 %9C%80%E8%A6%81%E5%A4%96%E7%BD%91%E8%AE%BF%E9%97%AE%EF%BC%8C%E9%9C%80%E8%A6 %81%E5%B0%86%E4%BD%A0%E7%9A%84%E5%9F%9F%E5%90%8D%E5%8F%8D%E4%BB%A3%EF%BC%8C %E7%9B%91%E5%90%AC443%E7%AB%AF%E5%8F%A3%EF%BC%8Clogto%E5%8F%AA%E6%94%AF%E6%8C%81https)

I use Logto Cloud deployment, so there should be no https problem. This is my auth0 settings

NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
NEXT_AUTH_SSO_PROVIDERS=auth0
AUTH0_CLIENT_ID=VWpqWERQPkyD5AsmABpEfryPxckcyodM
AUTH0_CLIENT_SECRET=0PmZJYEy1ZQxz2SBoqd0J2i8Wn2rou9Vzco2hkPgP4fsGjD6BtHSoqMQ7uFNzpsR
AUTH0_ISSUER=https://dev-whjbzqs0m7slkv0q.us.auth0.com
ACCESS_CODE=232323232323
NEXTAUTH_URL=https://lobe.tiegg.com/api/auth

grateful. . . I made a mistake with a variable, AUTH0_ISSUER