search

mongo-express / mongo-express-docker

a dockerized mongo-express for viewing mongoDB in the browser
MIT License
198 stars 93 forks source link

mongo express simple access does not work anymore #105

Open Verizane opened 8 months ago

Verizane commented 8 months ago

Hi,

a few months before I used the following compose to start a simple mongo-express and mongodb setup for local usage:

version: '3.1'

services:

  mongo:
    image: mongo
    restart: always
    ports:
      - 27017:27017
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: example

  mongo-express:
    image: mongo-express
    restart: always
    ports:
      - 8081:8081
    environment:
      ME_CONFIG_MONGODB_ADMINUSERNAME: root
      ME_CONFIG_MONGODB_ADMINPASSWORD: example
      ME_CONFIG_MONGODB_URL: mongodb://root:example@mongo:27017/

up until now it was working as expected, I could use the mongo express to access the database information without authentication.

Now a colleague and I tried it again with clean images and it does not work anymore.

Has the default authentication changed?

fsklenar commented 8 months ago

Hi,

same for me - I am not able to connect to DB.

duncan-tincello commented 8 months ago

Hello, same here.

monsterkrampe commented 8 months ago

I had a similar (maybe the same) issue. For me, this is related to #87. Version 1.0.0 of mongo-express makes it impossible to disable basic authentication. https://github.com/mongo-express/mongo-express/issues/969 https://github.com/mongo-express/mongo-express/pull/975 (I had mongo-express running behind traefik with basic auth and almost lost it since basic auth dialogues kept popping up all the time despite the correct credentials for the traefik middleware. I'm now not using the traefik middleware anymore and just set the appropriate credentials for the mongo-express basic auth via environment variables.)

This specific issue should be resolved in Version 1.0.1 or higher.

duncan-tincello commented 8 months ago

I just noticed this in the Docker logs: basicAuth credentials are "admin:pass", it is recommended you change this in your config.js! The credentials admin/pass work for me.

monsterkrampe commented 8 months ago

True, admin:pass works by default. You can also set different credentials with the environment variables ME_CONFIG_BASICAUTH_USERNAME and ME_CONFIG_BASICAUTH_PASSWORD but you cannot disable it entirely even if you set this to empty strings apparently.

MiladZarour commented 7 months ago

I am not sure if I have the same error, I am learning docker, and I want to create a new docker for mongo-express using this command : docker run -d -p 8081:8081 -e ME_CONFIG_MONGODB_ADMINUSERNAME=admin -e ME_CONFIG_MONGODB_ADMINPASSWORD=password --net mongo-network --name mongo-express -e ME_CONFIG_MONGODB_SERVER=mongodb mongo-express

After that , tried to localhost:8081 , and it is asking me for username and password so I write the username : admin , and the password : password

and for some reason it is not accepting it !

is that somehow similar here ?

MiladZarour commented 7 months ago

aaah , I just read the comment above me , it says admin:pass I tried that , and it works ! not sure why ! maybe I should set those environment varilabes : ME_CONFIG_BASICAUTH_USERNAME ME_CONFIG_BASICAUTH_PASSWORD ?

PoseidonOstravy commented 6 months ago

I am encountering an "Unauthorized" issue similar to what's been discussed in this thread using basicaly same yaml. Despite setting up the environment variables for admin credentials correctly in my docker-compose.yml, Mongo-Express displayed an "Unauthorized" message when attempting to access in web browser for me and several colleagues.

I noticed in the discussion that as of version 1.0.0 of mongo-express, it's no longer possible to disable basic authentication, which might be leading to the unauthorized issues..

Interestingly, the issue seems to have resolved itself as we are now able to access Mongo-Express without the unauthorized message (and that make us scared). Could there have been any changes or updates in the background that resolved this issue? Has anyone else experienced a similar sudden resolution?

EDIT: Found root cause - corporate overlords disabled basic auth in Edge with a policy. Solution - use other browser then Edge when expecting basic auth

BlackthornYugen commented 5 months ago

Has the default authentication changed?

The default is now to require a password, but you can disable it with ME_CONFIG_BASICAUTH=false. Currently the default credentials are admin:pass but in a future enhancement a random password I'd like to log a random password if a password isn't set. For users that don't want any password they can disable BASICAUTH or set a fixed password.

Sarath61 commented 5 months ago

aaah , I just read the comment above me , it says admin:pass I tried that , and it works ! not sure why ! maybe I should set those environment varilabes : ME_CONFIG_BASICAUTH_USERNAME ME_CONFIG_BASICAUTH_PASSWORD ?

I was unable to login after ME_CONFIG_BASICAUTH_USERNAME ME_CONFIG_BASICAUTH_PASSWORD using these env variables also what changes you made in previous command you mention above to work ??