search

mmtaee / ocserv-users-management

ocserv installation and user web-panel management.
90 stars 42 forks source link

Issue with Google recaptcha v3 #48

Closed MahdiKashani94 closed 6 months ago

MahdiKashani94 commented 6 months ago

Hi, I've recently installed this script on my pre installed ocserv server. I've enabled google recaptcha and inserted all the required keys, but now I get "Captcha challenge failed" and I can not log into admin area. is there any way to disable the recaptcha so I can regain access?

Thanks in advance

mmtaee commented 6 months ago

Hi, Panel only support Google recaptcha v2 with params : captcha_site_key captcha_secret_key

you should reset configurations

rm -rf /var/www/site/back-end/db

/var/www/site/back-end/venv/bin/python /var/www/site/back-end/manage.py migrate

systemctl restart backend.service

systemctl restart user_stats.service
MahdiKashani94 commented 6 months ago

Thanks for your quick reply @mmtaee I've changed the google reCAPTCHA to v2, but the problem still exists.

besides, as I said before, I've installed the panel to use it with my pre-installed and configured ocserv. Is there any way to import the existing groups and users to the panel? I'm aware of the ocpasswd sync button in the users section but it also changes the user's password which is a bug I assume. plus I think exposing the user's passwords is a security mistake.

I hope my feedback helps :)

mmtaee commented 6 months ago

Thanks for your feedback

Is there any way to import the existing groups and users to the panel?

With the sync button you can pull your users into the panel with an unknown password (the password is already hashed by ocserv), but if you have groups that were not created by the panel, it will cause problems because when the button is pressed, it will try get users from the ospasswd file. When the user with the group does not exist in the database, it tries to create the user with group name defaults. sync-group can be a good idea for that.

The sync button does not change the password in the "ocpasswd" file. Stores user with password "ocserv password" in the database. User with password "password ocserv" tells you that this user was created by ocserv and not by panel.

The password display is only displayed in the panel for user management. The hash is stored in the ocpasswd file.

mmtaee commented 6 months ago

Captcha challenge failed fixed with commit: [536e85f6]