search

microsoft / aerial_wildlife_detection

Tools for detecting wildlife in aerial images using active learning
MIT License
224 stars 58 forks source link

admin password - invalid salt #55

Closed ctorney closed 2 years ago

ctorney commented 2 years ago

Hi Beni I'm getting an error when running the setupDB script

Seems like this change 97ee9fc0e300e7236cb33240954cacf0d5eed7ea makes the new account creation here: https://github.com/microsoft/aerial_wildlife_detection/blob/c3fade9b3a9f52a6fc31b671a6da8099bdfa9772/setup/setupDB.py#L61-L69 inconsistent with the checkpw function

dejmail commented 2 years ago

I'm experiencing a version of this error as well, though when I am starting the docker image, as well as when trying to login. The response on the developer panel in the browser says "Invalid salt". I've checked the DB, the user is there. I am now trying to step through the login procedure, but it's slow going.

  * Restarting PostgreSQL 13 database server                [ OK ]                                       
 Traceback (most recent call last):                                                                      
   File "setup/setupDB.py", line 122, in <module>                                                        
     setupDB()                                                                                           
   File "setup/setupDB.py", line 97, in setupDB                                                          
     add_update_superuser(config, dbConn)                                                                
   File "setup/setupDB.py", line 58, in add_update_superuser                                             
     if not bcrypt.checkpw(adminPass.encode('utf8'), bytes(currentMeta['hash'])):                        
   File "/opt/conda/lib/python3.8/site-packages/bcrypt/__init__.py", line 124, in checkpw                
     ret = hashpw(password, hashed_password)                                                             
   File "/opt/conda/lib/python3.8/site-packages/bcrypt/__init__.py", line 104, in hashpw                 
     raise ValueError("Invalid salt")                                                                    
 ValueError: Invalid salt

I'm running everything through docker with Postgresql version 13.

ctorney commented 2 years ago

I got around this by making the following change to setupDB.py

68         adminHash = bcrypt.hashpw(adminPass.encode('utf8'), bcrypt.gensalt(12))
69         values = (adminName, adminEmail, adminHash, True,)
70         dbConn.execute(sql, values, None)
dejmail commented 2 years ago

Thanks for the reply. Were you getting the Invalid salt error on the startup as well, or just when running setupDB script ?

This didn't seem to help me though. Are you also using docker (though not sure why that would affect things)?

Also are you able to login to the frontend using the details supplied in settings.ini ?

ctorney commented 2 years ago

As I remember it I'd get the error when running the setupDB script - AIDE would still launch but I couldn't log in. It was a few weeks ago now so not too sure. With that fix above the log in works with the details in the ini file.

This was with docker but I had to delete the container and start again for the change to have an effect - once you have an unencrypted admin password in the database then the setup script seems to give the salt error

dejmail commented 2 years ago

You get a high five for that ! It works now. I was going down the rabbit hole of middleware etc and it wasn't leading anywhere.

bkellenb commented 2 years ago

Hi all,

Apologies for that hiccup. I had fixed it a while ago, but only in the latest beta v3.0. It is now fixed in the current stable version too; see commit #b0319d7.