NC 14.0.0 beta 4, web login failed after upgrade from 13.0.5.2

[philippe-levan]

Steps to reproduce

1. upgrade from NC 13.0.5.2 to NC 14.0.0.16 with docker-compose pull
2. run ./occ upgrade from inside of the docker
3. go to the home page (https://mycloud/index.php/login?redirect_url=/index.php/apps/files/)
4. enter the login/passwd

Expected behaviour

I should enter and see the files of my nextcloud

Actual behaviour

I return on the login page without any error message

Note : everything works well for the file synchronisation, the caldav sync and the carddav sync. Only the web login is broken.

Note in the firefox console I see :

• a POST to https://mycloud/index.php/login?redirect_url=/index.php/apps/files/ with a 303 status code
• a GET to https://mycloud/index.php/apps/files/ with a 303 status code
• then a GET to https://mycloud/index.php/login?redirect_url=/index.php/apps/files/ with a 200 status code

Server configuration

Operating system:

• Debian 9 with docker.
• Nextcloud is installed with image nextcloud:14.0.0-beta
• this docker is behind a traefik reverse proxy
• it is running in http/2.0

$ cat docker-compose.yml 
version: '3'

services:
  db:
    image: mariadb
    restart: unless-stopped
    volumes:
      - ./data/db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=***
      - MYSQL_PASSWORD=***
      - MYSQL_DATABASE=owncloud
      - MYSQL_USER=owncloud

  app:
    image: nextcloud:14.0.0-beta
    volumes:
      - ./data/nextcloud:/var/www/html
    restart: unless-stopped
    labels:
      - "traefik.frontend.rule=Host:cloud.***.com"
      - "traefik.port=80"
      - "traefik.enable=true"

Web server:

Apache of your docker

Database:

MariaDb (10.3.9-MariaDB-1:10.3.9+maria~bionic)

PHP version:

PHP 7.2.9 (from your docker)

Nextcloud version: (see Nextcloud admin page)

14.0.0.16

Updated from an older Nextcloud/ownCloud or fresh install:

upgrade from Nextcloud 13.0.5.2

Where did you install Nextcloud from:

on a dedicated server on kimsufi.

Signing status:

I can't connect

List of activated apps:

App list

``` www-data@a5ce35f6d029:~/html$ ./occ app:list Enabled: - accessibility: 1.0.1 - activity: 2.7.0 - bruteforcesettings: 1.1.0 - calendar: 1.6.1 - cloud_federation_api: 0.0.1 - comments: 1.4.0 - contacts: 2.1.6 - dav: 1.6.0 - deck: 0.4.1 - federatedfilesharing: 1.4.0 - federation: 1.4.0 - files: 1.9.0 - files_external: 1.5.0 - files_markdown: 2.0.4 - files_pdfviewer: 1.3.2 - files_sharing: 1.6.2 - files_texteditor: 2.6.0 - files_trashbin: 1.4.1 - files_versions: 1.7.1 - files_videoplayer: 1.3.0 - firstrunwizard: 2.3.0 - gallery: 18.1.0 - logreader: 2.0.0 - lookup_server_connector: 1.2.0 - mail: 0.10.0 - mindmaps: 0.1.0 - music: 0.9.0 - nextcloud_announcements: 1.3.0 - notifications: 2.2.1 - oauth2: 1.2.1 - password_policy: 1.4.0 - provisioning_api: 1.4.0 - serverinfo: 1.4.0 - sharebymail: 1.4.0 - support: 1.0.0 - survey_client: 1.2.0 - systemtags: 1.4.0 - theming: 1.5.0 - twofactor_backupcodes: 1.3.0 - updatenotification: 1.4.1 - workflowengine: 1.4.0 Disabled: - admin_audit - audioplayer - drawio - encryption - onlyoffice - spreed - user_external - user_ldap ```

Nextcloud configuration:

Config report

``` www-data@a5ce35f6d029:~/html$ ./occ config:list { "system": { "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "cloud.***.com" ], "datadirectory": "***REMOVED SENSITIVE VALUE***", "dbtype": "mysql", "version": "14.0.0.16", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbtableprefix": "oc_", "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "integrity.check.disabled": true, "loglevel": "0", "theme": "", "maintenance": false, "share_folder": "\/Shared", "forcessl": true, "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_smtpmode": "php", "mail_domain": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "updatechecker": false, "trashbin_retention_obligation": "auto", "htaccess.RewriteBase": "\/", "memcache.local": "\\OC\\Memcache\\APCu", "overwrite.cli.url": "https:\/\/cloud.***.com", "apps_paths": [ { "path": "\/var\/www\/html\/apps", "url": "\/apps", "writable": false }, { "path": "\/var\/www\/html\/custom_apps", "url": "\/custom_apps", "writable": true } ] }, "apps": { "accessibility": { "enabled": "yes", "installed_version": "1.0.1", "types": "" }, "activity": { "enabled": "yes", "installed_version": "2.7.0", "signed": "true", "types": "filesystem" }, "audioplayer": { "enabled": "no", "installed_version": "2.3.1", "types": "filesystem" }, "backgroundjob": { "lastjob": "35" }, "bruteforcesettings": { "enabled": "yes", "installed_version": "1.1.0", "types": "" }, "calendar": { "enabled": "yes", "installed_version": "1.6.1", "signed": "true", "types": "" }, "cloud_federation_api": { "enabled": "yes", "installed_version": "0.0.1", "types": "filesystem" }, "comments": { "enabled": "yes", "installed_version": "1.4.0", "types": "logging" }, "configreport": { "enabled": "no", "installed_version": "0.1.1", "types": "filesystem" }, "contacts": { "enabled": "yes", "installed_version": "2.1.6", "signed": "true", "types": "" }, "core": { "backgroundjobs_mode": "ajax", "global_cache_gc_lastrun": "1439034652", "installed.bundles": "[\"CoreBundle\"]", "installedat": "1405971745.208", "lastcron": "1535379729", "lastupdateResult": "{\"version\":\"14.0.0.17\",\"versionstring\":\"Nextcloud 14.0.0 RC 1\",\"url\":\"https:\\\/\\\/download.nextcloud.com\\\/server\\\/prereleases\\\/nextcloud-14.0.0RC1.zip\",\"web\":\"https:\\\/\\\/docs.nextcloud.com\\\/server\\\/13\\\/admin_manual\\\/maintenance\\\/upgrade.html\",\"changes\":\"https:\\\/\\\/updates.nextcloud.com\\\/changelog_server\\\/?version=14.0.0\",\"autoupdater\":\"1\",\"eol\":\"0\"}", "lastupdatedat": "1535314396", "moveavatarsdone": "yes", "oc.integritycheck.checker": "[]", "previewsCleanedUp": "1", "public_caldav": "calendar\/share.php", "public_calendar": "calendar\/share.php", "public_documents": "documents\/public.php", "public_files": "files_sharing\/public.php", "public_gallery": "gallery\/public.php", "public_webdav": "dav\/appinfo\/v1\/publicwebdav.php", "remote_caldav": "dav\/appinfo\/v1\/caldav.php", "remote_calendar": "dav\/appinfo\/v1\/caldav.php", "remote_carddav": "dav\/appinfo\/v1\/carddav.php", "remote_contacts": "dav\/appinfo\/v1\/carddav.php", "remote_core.css": "\/core\/minimizer.php", "remote_core.js": "\/core\/minimizer.php", "remote_dav": "dav\/appinfo\/v2\/remote.php", "remote_files": "dav\/appinfo\/v1\/webdav.php", "remote_filesync": "files\/appinfo\/filesync.php", "remote_webdav": "dav\/appinfo\/v1\/webdav.php", "repairlegacystoragesdone": "yes", "scss.variables": "a83364ea696ad9a93820ccdc149d9542", "vendor": "nextcloud" }, "dav": { "buildCalendarSearchIndex": "yes", "enabled": "yes", "installed_version": "1.6.0", "types": "filesystem" }, "deck": { "enabled": "yes", "installed_version": "0.4.1", "types": "" }, "documents": { "converter": "local", "enabled": "no", "installed_version": "0.9.0", "ocsid": "168711", "types": "" }, "drawio": { "enabled": "no", "installed_version": "0.9.0", "types": "filesystem" }, "federatedfilesharing": { "enabled": "yes", "installed_version": "1.4.0", "types": "" }, "federation": { "enabled": "yes", "installed_version": "1.4.0", "types": "authentication" }, "files": { "backgroundwatcher_previous_file": "60", "backgroundwatcher_previous_folder": "58", "cronjob_scan_files": "500", "enabled": "yes", "installed_version": "1.9.0", "types": "filesystem" }, "files_external": { "enabled": "yes", "installed_version": "1.5.0", "types": "filesystem" }, "files_markdown": { "enabled": "yes", "installed_version": "2.0.4", "types": "" }, "files_pdfviewer": { "enabled": "yes", "installed_version": "1.3.2", "signed": "true", "types": "" }, "files_sharing": { "enabled": "yes", "installed_version": "1.6.2", "types": "filesystem" }, "files_texteditor": { "enabled": "yes", "installed_version": "2.6.0", "signed": "true", "types": "" }, "files_trashbin": { "enabled": "yes", "installed_version": "1.4.1", "types": "filesystem,dav" }, "files_versions": { "enabled": "yes", "installed_version": "1.7.1", "types": "filesystem,dav" }, "files_videoplayer": { "enabled": "yes", "installed_version": "1.3.0", "types": "" }, "files_videoviewer": { "enabled": "no", "installed_version": "0.1.3", "ocsid": "166054", "types": "" }, "firstrunwizard": { "enabled": "yes", "installed_version": "2.3.0", "types": "logging" }, "gallery": { "enabled": "yes", "installed_version": "18.1.0", "signed": "true", "types": "" }, "logreader": { "enabled": "yes", "installed_version": "2.0.0", "ocsid": "170871", "types": "" }, "lookup_server_connector": { "enabled": "yes", "installed_version": "1.2.0", "types": "authentication" }, "mail": { "enabled": "yes", "installed_version": "0.10.0", "types": "" }, "market": { "enabled": "no", "installed_version": "0.2.4", "types": "" }, "mindmaps": { "enabled": "yes", "installed_version": "0.1.0", "types": "" }, "music": { "enabled": "yes", "installed_version": "0.9.0", "ocsid": "164319", "types": "filesystem" }, "nextcloud_announcements": { "enabled": "yes", "installed_version": "1.3.0", "pub_date": "Sat, 10 Dec 2016 00:00:00 +0100", "types": "logging" }, "notifications": { "enabled": "yes", "installed_version": "2.2.1", "types": "logging" }, "oauth2": { "enabled": "yes", "installed_version": "1.2.1", "types": "authentication" }, "onlyoffice": { "DocumentServerInternalUrl": "https:\/\/office.***.com\/", "DocumentServerUrl": "https:\/\/office.***.com\/", "StorageUrl": "https:\/\/office.***.com\/", "defFormats": "{\"docx\":\"true\",\"xlsx\":\"true\",\"pptx\":\"true\",\"ppsx\":\"true\",\"txt\":\"false\",\"csv\":\"false\"}", "enabled": "no", "installed_version": "1.3.0", "jwt_secret": "", "sameTab": "false", "settings_error": "Bad Request or timeout error", "skey": "1532546972403", "types": "filesystem" }, "password_policy": { "enabled": "yes", "installed_version": "1.4.0", "types": "" }, "provisioning_api": { "enabled": "yes", "installed_version": "1.4.0", "types": "prevent_group_restriction" }, "search_lucene": { "enabled": "no", "installed_version": "0.6.0", "ocsid": "168709", "types": "filesystem" }, "serverinfo": { "enabled": "yes", "installed_version": "1.4.0", "types": "" }, "sharebymail": { "enabled": "yes", "installed_version": "1.4.0", "types": "filesystem" }, "spreed": { "enabled": "no", "installed_version": "3.2.5", "stun_servers": "[\"stun.nextcloud.com:443\"]", "types": "prevent_group_restriction" }, "support": { "enabled": "yes", "installed_version": "1.0.0", "types": "" }, "survey_client": { "enabled": "yes", "installed_version": "1.2.0", "types": "" }, "systemtags": { "enabled": "yes", "installed_version": "1.4.0", "types": "logging" }, "templateeditor": { "enabled": "no", "installed_version": "0.3", "signed": "true", "types": "" }, "theming": { "cachebuster": "6", "color": "#A10000", "enabled": "yes", "installed_version": "1.5.0", "name": "***", "slogan": "", "types": "logging", "url": "https:\/\/cloud.***.com" }, "twofactor_backupcodes": { "enabled": "yes", "installed_version": "1.3.0", "types": "" }, "updatenotification": { "core": "14.0.0.17", "deck": "0.4.0", "drawio": "0.9.0", "enabled": "yes", "installed_version": "1.4.1", "mail": "0.8.3", "spreed": "3.2.5", "types": "", "update_check_errors": "0" }, "updater": { "enabled": "no", "installed_version": "0.6", "types": "" }, "workflowengine": { "enabled": "yes", "installed_version": "1.4.0", "types": "filesystem" } } } ```

Are you using external storage, if yes which one: local/smb/sftp/...

Are you using encryption: yes/no

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...

LDAP configuration (delete this part if not used)

LDAP config

``` With access to your command line run e.g.: sudo -u www-data php occ ldap:show-config from within your Nextcloud installation folder Without access to your command line download the data/owncloud.db to your local computer or access your SQL server remotely and run the select query: SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap'; Eventually replace sensitive data as the name/IP-address of your LDAP server or groups. ```

Client configuration

Browser:

Operating system:

Logs

Web server error log

Web server error log

``` app_1 | 172.23.0.1 - - [27/Aug/2018:14:28:26 +0000] "POST /index.php/login?redirect_url=/index.php/apps/files/ HTTP/1.1" 303 1370 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0" app_1 | 172.23.0.1 - - [27/Aug/2018:14:28:26 +0000] "GET /index.php/apps/files/ HTTP/1.1" 303 1603 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0" app_1 | 172.23.0.1 - - [27/Aug/2018:14:28:26 +0000] "GET /index.php/login?redirect_url=/index.php/apps/files/ HTTP/1.1" 200 5032 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0" app_1 | 172.23.0.1 - - [27/Aug/2018:14:28:28 +0000] "GET /cron.php HTTP/1.1" 200 859 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0" ```

Nextcloud log (data/nextcloud.log)

Nextcloud log

``` {"reqId":"83l63oSLztbJVjP49OFV","level":0,"time":"2018-08-27T14:07:03+00:00","remoteAddr":"193.248.169.8","user":"--","app":"core","method":"GET","url":"\/index.php\/apps\/files\/","message":{"Exce ption":"OC\\AppFramework\\Middleware\\Security\\Exceptions\\NotLoggedInException","Message":"Current user is not logged in","Code":401,"Trace":[{"file":"\/var\/www\/html\/lib\/private\/AppFramework \/Middleware\/MiddlewareDispatcher.php","line":95,"function":"beforeController","class":"OC\\AppFramework\\Middleware\\Security\\SecurityMiddleware","type":"->","args":[{"__class__":"OCA\\Files\\Co ntroller\\ViewController"},"index"]},{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":98,"function":"beforeController","class":"OC\\AppFramework\\Middleware\\Midd lewareDispatcher","type":"->","args":[{"__class__":"OCA\\Files\\Controller\\ViewController"},"index"]},{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatc h","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Files\\Controller\\ViewController"},"index"]},{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/Routing\/ RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["ViewController","index",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{ "_route":"files.view.index"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"files.view.index"}]},{"file":"\/var\/www\/html\/lib\/pri vate\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"files.view.index"}]},{"file":"\/var\/www\/html\/lib\ /base.php","line":989,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/files\/"]},{"file":"\/var\/www\/html\/index.php","line":42,"function":"handleRequest","class":"OC", "type":"::","args":[]}],"File":"\/var\/www\/html\/lib\/private\/AppFramework\/Middleware\/Security\/SecurityMiddleware.php","Line":143,"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko\/20100101 Firefox\/61.0","version":"14.0.0.16"} ```

Browser log

Browser log

``` Insert your browser log here, this could for example include: a) The javascript console log Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: ;(function installGlobalHook(window) { .... login:1 JQMIGRATE: Migrate is installed, version 1.4.0 b) The network log 303 POST login?redirect_url=/index.php/apps/files/ → 427 ms 303 GET /index.php/apps/files/ → 74 ms 200 GET login?redirect_url=/index.php/apps/files/ → 92 ms ```

[nextcloud-bot]

GitMate.io thinks possibly related issues are https://github.com/nextcloud/server/issues/9911 (Nextcloud upgrade to 13.0.4 Failed), https://github.com/nextcloud/server/issues/7552 (Upgrade to 12.0.4 failed ), https://github.com/nextcloud/server/issues/5238 (Cant sync - Precondition failed after upgrade from 11.0.2 to 12.0), https://github.com/nextcloud/server/issues/8754 (White page / Error 500 after Upgrade from Nextcloud 12.0.4 to 13 ), and https://github.com/nextcloud/server/pull/10350 (13.0.5).

[philippe-levan]

I just checked all these issues and PR. They are not related to this issue.

[philippe-levan]

I just upgraded to the docker image 14.0.0-rc.

I have the same issue with the version 14.0.0 RC 1.

I don't believe it could have an impact, but I have a warning on the memory_limit when I type "occ -V". We are 4 people on the instance and very few trafic : CalDav, CardDav, file sync. (And few web accesses when it works :-) ).

www-data@a3e2ca833741:~/html$ ./occ -V
The current PHP memory limit is below the recommended value of 512MB.
*** 14.0.0 RC 1
root@a3e2ca833741:~# php -i | grep memory_limit
memory_limit => 128M => 128M

[philippe-levan]

I ran a debugger to try to understand the problem but it remains strange :

On the POST request, the login seems ok : In the lib/Session.php in the completeLogin method, the $this->isLoggedIn() returns true

Then we have a 303 to the GET /index.php/apps/files/

in the GET request, in lib/base.php \OC::$server->getUserSession()->isLoggedIn() returns false just like if the session was not saved...

There is a session file (sess_xxx) with the right date in the /tmp/ dir of the container. It seems there is some issue with session persistence, but I don't know what.

My session file is encrypted. encrypted_session_data|s:370:"61b623b64db80a653a7[removed]";

[MorrisJobke]

cc @skjnldsv @rullzer

[matt-horwood-mayden]

If it helps I have the same issue here, but not on 14, just updated to 13.0.6 from 13.0.5. Also had the issue in 13.0.5!

deb 9 pi nginx/1.12.2 MySQL 5.5.60 PHP 7.0.30

[matt-horwood-mayden]

ok, have just updated PHP7.0 on me pi and now working.

Not sure what version I was on, but it looked to have bust sessions.

[philippe-levan]

hi @matt-horwood-mayden,

Thanks for you info. I'm using PHP 7.2.9. I can't change this version because I'm using the docker image provided by nextcloud.

Best regards, Philippe

[philippe-levan]

Hi,

I did two tests :

• I upgraded my docker-compose.yml to the image 14.0.0 (stable)
• I tried to use the docker image 14.0.0-fpm (with nginx as a reverse proxy and traefik in front as https proxy)

With these two tests, I still have the same issue.

Best regards, Philippe

[skjnldsv]

@philippe-levan Are you able to login in the end? Or is it always like that?

Also, have you tried clearing your cookies?

[philippe-levan]

@skjnldsv : no, I am not able to login on the web UI.

I already tried to clear my cookies. I also tried to use the private mode of Firefox and Chrome. It still doesn't work.

[philippe-levan]

This issue seems to be the same issue than https://github.com/nextcloud/server/issues/11114

[skjnldsv]

Can you check out https://github.com/owncloud/core/issues/26828?

[philippe-levan]

@skjnldsv : I checked the issue 16828. It doesn't seem to be related.

my session.auto_start is already to Off I tried to remove the 'memcache.local' from the config.php.

It doesn't solve the issue.

Note : I'm using the official docker image of nextcloud without modification (on my production server), without any modification of the php.ini.

[skjnldsv]

Ah ok. If you create another user, can you login in with it?

[jsalort]

Same issue here running Ubuntu 16.04.5 LTS and upgrading from Nextcloud 13.0.6 to Nextcloud 14 from the stable channel. I am running php 7.0.30, mysql 14.14, apache2 with http/2.

The error message in nextcloud.log seems to be a little bit different though:

{"reqId":"1ZAeW7QUC3eIsplzeAwI","level":0,"time":"2018-09-10T15:10:05+00:00","remoteAddr":"90.65.167.245","user":"--","app":"PHP","method":"GET","url":"\/index.php\/apps\/files\/","message":"A session had already been started - ignoring session_start() at \/home\/jsalort\/owncloud\/lib\/private\/Session\/Internal.php#205","userAgent":"Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.13; rv:62.0) Gecko\/20100101 Firefox\/62.0","version":"14.0.0.19"}

I cannot find any useful error message in the logs.

[philippe-levan]

@skjnldsv : I just tried to create a new user (with ./occ user:add test).

I have the same problem with the new user.

[skjnldsv]

@philippe-levan Damn! Did you do a occ maintenance:repair ?

[philippe-levan]

@skjnldsv :

occ maintenance:repair does not solve the problem.

here is the output of the command.

www-data@a3e2ca833741:~/html$ ./occ maintenance:repair
The current PHP memory limit is below the recommended value of 512MB.
 - Repair MySQL collation
     - All tables already have the correct collation -> nothing to do
 - Repair mime types
 - Clean tags and favorites
     - 0 tags of deleted users have been removed.
     - 0 tags for delete files have been removed.
     - 0 tag entries for deleted tags have been removed.
     - 0 tags with no entries have been removed.
 - Repair invalid shares
 - Remove shares of a users root folder
 - Move .step file of updater to backup location
 - Fix potential broken mount points
     - No mounts updated
 - Repair invalid paths in file cache
 - Add log rotate job
 - Clear frontend caches
     - Image cache cleared
     - SCSS cache cleared
     - JS cache cleared
 - Add preview background cleanup job
 - Queue a one-time job to cleanup old backups of the updater
 - Repair pending cron jobs
     - No need to repair pending cron jobs.
 - Fix component of birthday calendars
     - 7 birthday calendars updated.
 - Fix broken values of calendar objects
    0 [>---------------------------]
 - Registering building of calendar search index as background job
     - Repair step already executed
 - Delete orphaned ACL rules
 - Fix the share type of guest shares when migrating from ownCloud
 - Copy the share password into the dedicated column
 - Purify and migrate collected mail addresses
    0 [>---------------------------]
 - Update OAuth token expiration times
www-data@a3e2ca833741:~/html$ 

[skjnldsv]

Was worth a shot ¯_(ツ)_/¯

[janKir]

Same issue here. Updated my private nextcloud instance on a shared hoster from 13.0.5 or so to 14.0.0

My nextcloud log has the following line after an failed login:

{"reqId":"W5a1u1UNgZkAAD-1DzcAAAAB","level":0,"time":"2018-09-10T18:19:39+00:00","remoteAddr":"80.135.152.224","user":"--","app":"core","method":"GET","url":"\/index.php\/apps\/files\/","message":{"Exception":"OC\AppFramework\Middleware\Security\Exceptions\NotLoggedInException","Message":"Current user is not logged in","Code":401,"Trace":[{"file":"\/www\/path\/to\/nextcloud\/lib\/private\/AppFramework\/Middleware\/MiddlewareDispatcher.php","line":95,"function":"beforeController","class":"OC\AppFramework\Middleware\Security\SecurityMiddleware","type":"->","args":[{"class":"OCA\Files\Controller\ViewController"},"index"]},{"file":"\/www\/path\/to\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":98,"function":"beforeController","class":"OC\AppFramework\Middleware\MiddlewareDispatcher","type":"->","args":[{"class":"OCA\Files\Controller\ViewController"},"index"]},{"file":"\/www\/path\/to\/nextcloud\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\AppFramework\Http\Dispatcher","type":"->","args":[{"class":"OCA\Files\Controller\ViewController"},"index"]},{"file":"\/www\/path\/to\/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\AppFramework\App","type":"::","args":["ViewController","index",{"class":"OC\AppFramework\DependencyInjection\DIContainer"},{"_route":"files.view.index"}]},{"function":"__invoke","class":"OC\AppFramework\Routing\RouteActionHandler","type":"->","args":[{"_route":"files.view.index"}]},{"file":"\/www\/path\/to\/nextcloud\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"class":"OC\AppFramework\Routing\RouteActionHandler"},{"_route":"files.view.index"}]},{"file":"\/www\/path\/to\/nextcloud\/lib\/base.php","line":989,"function":"match","class":"OC\Route\Router","type":"->","args":["\/apps\/files\/"]},{"file":"\/www\/path\/to\/nextcloud\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/www\/path\/to\/nextcloud\/lib\/private\/AppFramework\/Middleware\/Security\/SecurityMiddleware.php","Line":143,"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko\/20100101 Firefox\/62.0","version":"14.0.0.19"}

[ChristophWurst]

I can't reproduce, neither on my production instance, nor my dev instance, nor a quick-and-dirty test instance.

Could someone please inspect the login request and show a screenshot of the cookies set by the server? I wonder if all required cookies are set and if the expiration date is correct.

[ChristophWurst]

(Note that you might want to tick Persist logs to prevent logs being flushed due to the redirect.)

On my working test instance, these cookies are set:

[gleamicus]

Having the same issue as everyone else. Here are the cookies in response to the login and then in response to the /files/apps/ request:

Looking on the server, the session files matching the cookies get created and the 2mk one seems to have considerably more data in it than the others, so it's definitely getting persisted to disk. I threw some quick debugging into isLoggedIn and it's returning false because $user is null, not because it's not enabled.

[ChristophWurst]

I threw some quick debugging into isLoggedIn and it's returning false because $user is null, not because it's not enabled.

Thanks a lot for these insights. Are you referring to https://github.com/nextcloud/server/blob/a94dc760e800e45b59e1756a29b3848ce1a5fbb2/lib/private/User/Session.php#L273?

[ChristophWurst]

You'd help us a lot if you could step through https://github.com/nextcloud/server/blob/a94dc760e800e45b59e1756a29b3848ce1a5fbb2/lib/private/User/Session.php#L219-L236 to see which case causes the user to be null.

[marius-rothenbuecher]

Line: 228 returns null, because is_null($uid) returns true

[ChristophWurst]

Thank you, @marius-rothenbuecher!

[marius-rothenbuecher]

I was wrong, $uid is not null. The problem is that is_null($this->activeUser) in line 231 returns true. Tried to comment out the activeUser null check => Does not help because validateSession() will fail. When directly returning without any checking, it works (temporary fix now):

return $this->manager->get($this->session->get('user_id'));

[ChristophWurst]

Very interesting findings, @marius-rothenbuecher. Thanks a lot!

So this means the user manager is unable to locate the user object. Could you check if the uid at https://github.com/nextcloud/server/blob/a94dc760e800e45b59e1756a29b3848ce1a5fbb2/lib/private/User/Session.php#L226 is actually correct?

[marius-rothenbuecher]

Debugged further. Everything works fine when just commenting out the line 234: validateSession() validateSession will logout the user and then probably set activeUser and user_id to null.

[jsalort]

I have just tried @marius-rothenbuecher workaround (commenting out line 234) and I am glad to report that it works for me as well.

[ChristophWurst]

Wait a sec. You said that $this->activeUser is null at https://github.com/nextcloud/server/blob/a94dc760e800e45b59e1756a29b3848ce1a5fbb2/lib/private/User/Session.php#L231. However, that would make it impossible to reach line https://github.com/nextcloud/server/blob/a94dc760e800e45b59e1756a29b3848ce1a5fbb2/lib/private/User/Session.php#L234. Please clarify.

[ChristophWurst]

@marius-rothenbuecher you'd help us a lot if you could step through https://github.com/nextcloud/server/blob/a94dc760e800e45b59e1756a29b3848ce1a5fbb2/lib/private/User/Session.php#L246-L262 and https://github.com/nextcloud/server/blob/a94dc760e800e45b59e1756a29b3848ce1a5fbb2/lib/private/User/Session.php#L717-L740 to see where it actually fails to validate the session token.

[marius-rothenbuecher]

I was wrong with activeUser is null, sorry. It is only set to null after validateSession is called.

However validateSession() is calling validateToken() Inside validateToken a InvalidTokenException is thrown but catched (without logging).

[ChristophWurst]

Inside validateToken a InvalidTokenException is thrown but catched (without logging).

Thanks for the info. I'm digging deeper …

[ChristophWurst]

It's either https://github.com/nextcloud/server/blob/82959ca93e229e1f16e1843cd4a2f7523b8ac0bf/lib/private/Authentication/Token/DefaultTokenProvider.php#L162 or https://github.com/nextcloud/server/blob/47b46fa69db7d569f871e6325c2874d13f336a81/lib/private/Authentication/Token/PublicKeyTokenProvider.php#L80 that throws the exception I suppose.

[ChristophWurst]

@marius-rothenbuecher any chance you could share a stack trace from that exception? E.g. with the help of your debugger or by removing the try-catch?

I wonder if https://github.com/nextcloud/server/blob/82959ca93e229e1f16e1843cd4a2f7523b8ac0bf/lib/private/Authentication/Token/Manager.php#L120 is the path where it fails.

[ChristophWurst]

Btw, the report at https://github.com/nextcloud/server/issues/11114 is indeed very similar. IMO it's a duplicate of this. I'm still unable to reproduce this locally, though.

[marius-rothenbuecher]

In server/lib/private/Authentication/Token/Manager.php:120 $token is empty but $tokenId is set. Since I don't know much about PHP, what debugger can I use?

[BernieO]

I am the one who opened #11114 and I am willing to help, but I absolutely don‘t have any experience how to properly debug php code. I can change code in my installation and test the changes. What I also could do is pack my installation as zip file and upload it somewhere, if that would help. It is only a test installation (SQLite3, datafolder inside nextcloud folder) with some dummy users - no problem to share user credentials. Config.php needs to be adapted though to new environment. Let me know if I should do that @ChristophWurst

[ChristophWurst]

What I also could do is pack my installation as zip file and upload it somewhere, if that would help. It is only a test installation (SQLite3, datafolder inside nextcloud folder) with some dummy users - no problem to share user credentials. Config.php needs to be adapted though to new environment. Let me know if I should do that @ChristophWurst

Yes, please share that with me via email or share link to that email and I'll have a closer look. Please pack all files, even the config because it's necessary to decrypt database values.

[BernieO]

@ChristophWurst I just sent you an email with a link to the zipped installation (including datafolder and config.php) and according usernames/passwords

[ChristophWurst]

@BernieO thanks a ton for this zip, I'm finally able to reproduce the issue :robot:

[ChristophWurst]

Bingo! Tracked down the issue.

Apparently this has even been fixed, but just for Nextcloud 15: https://github.com/nextcloud/server/pull/11104

[ChristophWurst]

Oh, @rullzer even backported it: https://github.com/nextcloud/server/pull/11103.

[ChristophWurst]

Could the effected users please verify that this fixes their issue? You can find a patch here: https://patch-diff.githubusercontent.com/raw/nextcloud/server/pull/11103.patch :rocket:

[BernieO]

I can confirm that #11103 solves the issue on my two affected testing instances (SQLite3 + PostgreSQL) for which I opened #11114. In my opinion #11114 can be closed Thanks for the quick fix 👍 - glad I could help!

[Troublicious]

Having the same issue, the 11103 patch does not change anything ! Just updated today to version '14.0.0.19'

[nickvergessen]

The patch is not part of 14.0.0.19, but will be part of 14.0.1

Im closing this as per above