matomo-org / matomo

Empowering People Ethically with the leading open source alternative to Google Analytics that gives you full control over your data. Matomo lets you easily collect data from websites & apps and visualise this data and extract insights. Privacy is built-in. Liberating Web Analytics. Star us on Github? +1. And we love Pull Requests!
https://matomo.org/
GNU General Public License v3.0

Auth tokens should always be displayed, even when email settings are not valid or time out #20395

Open mattmary opened 1 year ago

mattmary commented 1 year ago

I would like to generate a token, but when I submit the form, it loads indefinitely. If I refresh the security page, I can see the token has been generated, but I can't display it.

Expected Behavior

Generate a token when I submit the form, and display it.

Current Behavior

Possible Solution

Steps to Reproduce (for Bugs)

  1. open /index.php?module=UsersManager&action=userSecurity&idSite=1&period=day&date=yesterday
  2. click create new token
  3. set a value in the text field
  4. submit
  5. nothing happens
  6. click stop loading in the browser
  7. refresh the security page: the token has been created but never displayed

Screencast from 24-02-23 14:22:23.webm

Context

Your Environment

System Check

### Mandatory checks
#### PHP version >= 7.2.5: ✔ 8.0.28
#### PDO extension: ✔
#### PDO\MYSQL extension: ✔
#### MYSQLI extension: ✔
#### Other required extensions: ✔ zlib ✔ json ✔ filter ✔ hash ✔ session
#### Required functions: ✔ debug_backtrace ✔ eval ✔ hash ✔ gzcompress ✔ gzuncompress ✔ pack
#### Required PHP configuration (php.ini): ✔ session.auto_start = 0 ✔ max_execution_time = 0 OR = -1 OR >= 30
#### Directories with write access: ✔ $DOC_ROOT/tmp ✔ $DOC_ROOT/tmp/assets ✔ $DOC_ROOT/tmp/cache ✔ $DOC_ROOT/tmp/climulti ✔ $DOC_ROOT/tmp/latest ✔ $DOC_ROOT/tmp/logs ✔ $DOC_ROOT/tmp/sessions ✔ $DOC_ROOT/tmp/tcpdf ✔ $DOC_ROOT/tmp/templates_c

### Optional checks
#### Required Private Directories: ✔ All private directories are inaccessible from the internet.
#### Recommended Private Directories: ✔ All private directories are inaccessible from the internet.
#### File integrity: ⚠ Warning: File integrity check failed and reported some errors. You should fix this issue and then refresh this page until it shows no error.
File integrity check could not be performed due to missing manifest.inc.php.
If you are deploying Matomo from Git, this message is normal.
#### 64-bit PHP Binary: ✔
#### Tracker status: ✔
#### Memory limit: ✔ 512M
#### Time zone: ✔
#### Open URL: ✔ curl
#### PageSpeed is turned off: ✔
#### GD > 2.x + FreeType (graphics): ✔
#### Other extensions: ✔ json ✔ libxml ✔ dom ✔ SimpleXML ✔ openssl
#### Other functions: ✔ shell_exec ✔ set_time_limit ✔ mail ✔ parse_ini_file ✔ glob ✔ gzopen ✔ md5_file
#### Filesystem: ✔
#### Set up Cron (faster report-loading): ⚠ Warning: For optimal performance and a speedy Matomo, it is highly recommended to set up a crontab to automatically archive your reports, and to disable browser triggering in the Matomo settings. Learn more.
#### Set up Cron - Managing processes via CLI: ✔ Ok
#### Database abilities: ✔ UTF8mb4 charset ⚠ Warning: LOAD DATA INFILE
Hint: Using LOAD DATA INFILE by updating your PHP and MySQL software and ensuring your database user has the FILE privilege speeds up Matomo's archiving process a lot.
You should fix this problem if your Matomo server tracks high-traffic websites (e.g. over 100,000 pages per month).
Error: LOAD DATA INFILE failed... Error was:
Try #1: LOAD DATA INFILE : SQLSTATE[HY000]: General error: 13 Can't get stat of '$DOC_ROOT/tmp/assets/matomo_option-TOKEN_REPLACED.csv' (OS errno 13 - Permission denied),
Try #2: LOAD DATA LOCAL INFILE : SQLSTATE[42000]: Syntax error or access violation: 3948 Loading local data is disabled; this must be enabled on both the client and server sides[42000]
Troubleshooting: FAQ on matomo.org ✔ CREATE TEMPORARY TABLES ✔ Changing transaction isolation level
#### Max Packet Size: ✔
#### Forced SSL Connection: ⚠ Warning: We recommend using Matomo over secure SSL connections only. To prevent insecure access over http, add force_ssl = 1 to the General section in your Matomo config/config.ini.php file.
Attention: Doing this without having set up a SSL certificate for using HTTPS will break Matomo.
#### Geolocation: ✔ geoip2php (continent_code, continent_name, country_code, country_name, region_code, region_name, city_name, postal_code, lat, long)
#### Update over HTTPS: ✔
#### Writable JavaScript Tracker ("/matomo.js"): ✔

### Informational results
#### Matomo Version: 4.13.2
#### Matomo Update History: 4.13.2,
#### Matomo Install Version: 4.13.2
#### Latest Available Version:
#### Is Git Deployment: 0
#### PHP_OS: Linux
#### PHP SAPI: apache2handler
#### Timezone Version: 0.system
#### PHP Timezone: UTC
#### PHP Time: 1677202414
#### PHP Datetime: 2023-02-24 01:33:34
#### PHP Disabled functions: pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals, pcntl_unshare,
#### PHP INI max_execution_time: 30
#### PHP INI post_max_size: 8M
#### PHP INI max_input_vars: 1000
#### PHP INI zlib.output_compression:
#### Curl Version: 7.81.0, OpenSSL/3.0.2
#### Suhosin Installed: 0
#### DB Prefix: matomo_
#### DB Charset: utf8mb4
#### DB Adapter: PDO\MYSQL
#### MySQL Version: 8.0.32-0ubuntu0.22.04.2
#### Num Tables: 31
#### Browser Segment Archiving Enabled: 1
#### Development Mode Enabled: 0
#### Internet Enabled: 1
#### Multi Server Environment: 0
#### Auto Update Enabled: 1
#### Custom User Path: 0
#### Custom Include Path: 0
#### Release Channel: latest_stable
#### Plugins Activated: API, Actions, Annotations, BulkTracking, Contents, CoreAdminHome, CoreConsole, CoreHome, CorePluginsAdmin, CoreUpdater, CoreVisualizations, CoreVue, CustomDimensions, CustomJsTracker, Dashboard, DevicePlugins, DevicesDetection, Diagnostics, Ecommerce, Events, Feedback, GeoIp2, Goals, Heartbeat, ImageGraph, Insights, Installation, Intl, IntranetMeasurable, LanguagesManager, Live, Login, Marketplace, MobileMessaging, Monolog, Morpheus, MultiSites, Overlay, PagePerformance, PrivacyManager, ProfessionalServices, Proxy, Referrers, Resolution, RssWidget, SEO, ScheduledReports, SegmentEditor, SitesManager, TestRunner, Tour, Transitions, TwoFactorAuth, UserCountry, UserCountryMap, UserId, UserLanguage, UsersManager, VisitFrequency, VisitTime, VisitorInterest, VisitsSummary, WebsiteMeasurable, Widgetize
#### Plugins Deactivated: DBStats, ExampleAPI, ExampleCommand, ExampleLogTables, ExamplePlugin, ExampleReport, ExampleSettingsPlugin, ExampleTheme, ExampleTracker, ExampleUI, ExampleVisualization, ExampleVue, MobileAppMeasurable
#### Plugins Invalid:
#### Server Info: Apache/2.4.52 (Ubuntu)
#### Had visits in last 1 day: 0
#### Had visits in last 3 days: 0
#### Had visits in last 5 days: 0
#### Archive Time Last Started: -
#### Archive Time Last Finished: -
#### User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0
#### Browser Language: en-gb,en
#### Total Invalidation Count: 0
#### In Progress Invalidation Count: 0
#### Scheduled Invalidation Count: 0
#### Earliest invalidation ts_started:
#### Latest invalidation ts_started:
#### Earliest invalidation ts_invalidated:
#### Latest invalidation ts_invalidated:
#### Number of segment invalidations: 0
#### Number of plugin invalidations: 0
#### List of plugins being invalidated:
#### Anonymize Referrer:
#### Do Not Track enabled: 1

mattmary commented 1 year ago

Nothing in console, nothing in the matomo log (debug mode).

heurteph-ei commented 1 year ago

What is the response content in the network console?

mattmary commented 1 year ago

I have no response output in the console: the request never ends.

heurteph-ei commented 1 year ago

Is there nothing between the browser and the server (WAF, proxy, balancer, etc.) that could catch the request and not manage it? Do you see the request arrive at the Matomo server (have a look at the Matomo connection log where all HTTP200 requests are logged)?

bx80 commented 1 year ago

@mattmary This could be caused by non-working email settings. Once the token is generated, an email is sent using the UI thread; if this email fails to send for some reason, then the UI is never updated to show the token. This can be checked by setting emails_enabled = 0 in config. Could you confirm if disabling emails solves this for you?

mattmary commented 1 year ago

@bx80 it solved the problem, yes. Thanks!

sgiehl commented 1 year ago

Wouldn't it nevertheless be good to catch possible email errors, so that the generated token will still be shown?

bx80 commented 1 year ago

This has happened a few times and can be difficult to troubleshoot :+1:

We should implement a fix so that the token is always shown in the UI even if the email settings are invalid or the email server connection times out.
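
The behaviour proposed in this thread, sketched as an added example (not Matomo's code and not written by any participant): the token is stored and returned first, and a failing notification email is caught and downgraded to a warning. `SecurityMailer`, `BrokenMailer`, `createAuthToken` and the in-memory `$store` are hypothetical names, and storing only a SHA-512 hash is an assumption of the sketch.

```php
<?php
declare(strict_types=1);

// Hypothetical mailer interface; Matomo's real mail classes are not used here.
interface SecurityMailer
{
    /** @throws RuntimeException when the mail server is unreachable or rejects the mail */
    public function notifyTokenCreated(string $login, string $description): void;
}

// Constructed stand-in for invalid email settings.
final class BrokenMailer implements SecurityMailer
{
    public function notifyTokenCreated(string $login, string $description): void
    {
        throw new RuntimeException('SMTP connection timed out');
    }
}

/**
 * Creates a token and returns it even if the notification email fails.
 * Returns ['token' => string, 'warning' => ?string].
 */
function createAuthToken(string $login, string $description, SecurityMailer $mailer, array &$store): array
{
    $token = bin2hex(random_bytes(16));
    // Assumption: only a hash is persisted, so the plaintext can be shown exactly once.
    $store[] = ['login' => $login, 'description' => $description, 'hash' => hash('sha512', $token)];

    $warning = null;
    try {
        // The notification is a side effect; its failure must not hide the token.
        $mailer->notifyTokenCreated($login, $description);
    } catch (Throwable $e) {
        // Record the failure for the administrator, never the token itself.
        error_log(sprintf('Token notification for "%s" failed: %s', $login, $e->getMessage()));
        $warning = 'The token was created, but the notification email could not be sent.';
    }

    return ['token' => $token, 'warning' => $warning];
}

// Constructed run with a mailer that always fails.
$store = [];
$result = createAuthToken('alice', 'reporting script', new BrokenMailer(), $store);
printf("token shown once: %s\nwarning: %s\nstored rows: %d\n", $result['token'], $result['warning'], count($store));
```

Catching the exception only helps once the send call returns; a mail server that never answers also needs a bounded connection timeout, or a send that is deferred until after the response has been delivered.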