search

lobehub / lobe-chat

🤯 Lobe Chat - an open-source, modern-design AI chat framework. Supports Multi AI Providers( OpenAI / Claude 3 / Gemini / Ollama / Azure / DeepSeek), Knowledge Base (file upload / knowledge management / RAG ), Multi-Modals (Vision/TTS) and plugin system. One-click FREE deployment of your private ChatGPT/ Claude application.
https://chat-preview.lobehub.com
Other
44.3k stars 9.93k forks source link

[Bug] LobeChat 数据库版本版本,配置Logto cloud版本启动后点击注册/登录报错 #3991

Closed SAnBlog closed 1 month ago

SAnBlog commented 1 month ago

📦 Environment

Docker

📌 Version

last

💻 Operating System

macOS

🌐 Browser

Chrome

🐛 Bug Description

[auth][error] MissingCSRF: CSRF token was missing during an action signin. Read more at https://errors.authjs.dev#missingcsrf 登录

logto cloud配置参数 NEXT_AUTH_SECRET=xxx # openssl rand -base64 32 生成 NEXT_AUTH_SSO_PROVIDERS=logto NEXTAUTH_URL=https://我的域名.com/api/auth AUTH_LOGTO_ID=xxxx2nly9qukpy AUTH_LOGTO_SECRET=xxxxYMT4amRm2YRaKU1o5 AUTH_LOGTO_ISSUER=https://xxxx.logto.app/oidc

📷 Recurrence Steps

No response

🚦 Expected Behavior

No response

📝 Additional Information

No response

lobehubbot commented 1 month ago

👀 @SAnBlog

Thank you for raising an issue. We will investigate into the matter and get back to you as soon as possible. Please make sure you have given us as much context as possible.\ 非常感谢您提交 issue。我们会尽快调查此事,并尽快回复您。 请确保您已经提供了尽可能多的背景信息。

dosubot[bot] commented 1 month ago

To resolve the "MissingCSRF" error when trying to sign in or register with Logto cloud on LobeChat using Docker on macOS with Chrome, ensure that you have correctly configured the CORS allowed origins in your Logto application settings. Specifically, you need to set the CORS allowed origins to https://你的域名.com.

Here is the relevant configuration step from the document:

### Configure Logto

Set the `Redirect URI` to `https://你的域名.com/api/auth/callback/logto` and the `Post sign-out redirect URI` to `https://你的域名.com/`.

Set `CORS allowed origins` to `https://你的域名.com`.

Additionally, make sure to configure the environment variables correctly in your LobeChat setup. Here are the necessary environment variables:

Environment Variable Type Description
NEXT_AUTH_SECRET Required A secret key used to encrypt Auth.js session tokens. You can generate a key using: openssl rand -base64 32
NEXT_AUTH_SSO_PROVIDERS Required Choose the single sign-on provider for LobeChat. For Logto, set this to logto.
LOGTO_CLIENT_ID Required The Client ID from the Logto App details page
LOGTO_CLIENT_SECRET Required The Client Secret from the Logto App details page
LOGTO_ISSUER Required The OpenID Connect issuer for Logto
NEXTAUTH_URL Optional This URL specifies the callback address for Auth.js during OAuth verification. Set this to https://你的域名.com/api/auth if the default redirect address is incorrect.

By ensuring that both the CORS allowed origins and the environment variables are correctly configured, you should be able to resolve the "MissingCSRF" error [1][2].

To continue talking to Dosu, mention @dosu.

SAnBlog commented 1 month ago

上述是错误设置Nginx导致,解决后点击登录日志报错[NextAuth] Error: { cause: 'Configuration', message: 'Wrong configuration, make sure you have the correct environment variables set. Visit https://lobehub.com/docs/self-hosting/advanced/authentication for more details.', name: 'NextAuth Error' }

lobehubbot commented 1 month ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

The above is caused by incorrect setting of Nginx. After solving the problem, click the login log to report an error [NextAuth] Error: { cause: 'Configuration', message: 'Wrong configuration, make sure you have the correct environment variables set. Visit https://lobehub.com/docs/self-hosting/advanced/authentication for more details.', name: 'NextAuth Error' }

SAnBlog commented 1 month ago

上述是错误设置Nginx导致,解决后点击登录日志报错[NextAuth] Error: { cause: 'Configuration', message: 'Wrong configuration, make sure you have the correct environment variables set. Visit https://lobehub.com/docs/self-hosting/advanced/authentication for more details.', name: 'NextAuth Error' }

https://我的域名/api/auth 这个地址访问是404,这个是否存在问题?

lobehubbot commented 1 month ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

The above is caused by incorrect setting of Nginx. After solving the problem, click the login log to report an error [NextAuth] Error: { cause: 'Configuration', message: 'Wrong configuration, make sure you have the correct environment variables set. Visit https://lobehub.com /docs/self-hosting/advanced/authentication for more details.', name: 'NextAuth Error' }

The access to https://my domain name/api/auth is 404. Is there a problem with this?

lobehubbot commented 1 month ago

✅ @SAnBlog

This issue is closed, If you have any questions, you can comment and reply.\ 此问题已经关闭。如果您有任何问题,可以留言并回复。