search

nicolewhite / neo4j-flask

Flaskr Extended with Neo4j and Py2neo.
http://nicolewhite.github.io/neo4j-flask/
312 stars 113 forks source link

Error: "py2neo.error.Unauthorized" #3

Closed WNiels closed 9 years ago

WNiels commented 9 years ago

Hi, when testing the app in the browser (i did not follow the deploy to heroku step) i get this error message:

py2neo.error.Unauthorized
py2neo.error.Unauthorized: http://localhost:7474/db/data/

and a traceback list:

Traceback (most recent call last):
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\app.py", line 1836, in __call__
    return self.wsgi_app(environ, start_response)
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\app.py", line 1820, in wsgi_app
    response = self.make_response(self.handle_exception(e))
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\app.py", line 1403, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\_compat.py", line 33, in reraise
    raise value
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\app.py", line 1817, in wsgi_app
    response = self.full_dispatch_request()
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\app.py", line 1477, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\app.py", line 1381, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\_compat.py", line 33, in reraise
    raise value
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\app.py", line 1475, in full_dispatch_request
    rv = self.dispatch_request()
  File "C:\Users\Niels\Anaconda3\lib\site-packages\flask\app.py", line 1461, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "C:\Users\Niels\Documents\Visual Studio 2015\Projects\neo4j_an_d3\neo4j_and_flask\neo4j_and_flask\blog\views.py", line 9, in index
    posts = get_todays_recent_posts()
  File "C:\Users\Niels\Documents\Visual Studio 2015\Projects\neo4j_an_d3\neo4j_and_flask\neo4j_and_flask\blog\models.py", line 41, in get_todays_recent_posts
    posts = graph.cypher.execute(query, today = date())
  File "C:\Users\Niels\Anaconda3\lib\site-packages\py2neo\core.py", line 667, in cypher
    metadata = self.resource.metadata
  File "C:\Users\Niels\Anaconda3\lib\site-packages\py2neo\core.py", line 213, in metadata
    self.get()
  File "C:\Users\Niels\Anaconda3\lib\site-packages\py2neo\core.py", line 261, in get
    raise Unauthorized(self.uri.string)
py2neo.error.Unauthorized: http://localhost:7474/db/data/

I also testet the login credentials as described in the py2neo essentials

$ neoauth neo4j my-p4ssword
Password change not required

It would be nice if you could help me out with this.

Btw. thanks for the great tutorial!

nicolewhite commented 9 years ago

Hello,

Thanks for the kind words. Is this occurring after following the steps in the README? It reads:

If you're on Neo4j >= 2.2, make sure to set environment variables NEO4J_USERNAME and NEO4J_PASSWORD to your username and password, respectively:

export NEO4J_USERNAME=username
export NEO4J_PASSWORD=password

Or, set dbms.security.auth_enabled=false in conf/neo4j-server.properties.

WNiels commented 9 years ago

I think so. Installed a fresh neo4j set the username and password and added them in the moddels.py:

import os
import uuid

username = os.environ.get('neo4j')
password = os.environ.get('my_password')
url = 'http://localhost:7474'

if username and password:
    authenticate(url.strip('http://'), username, password)

graph = Graph(url + '/db/data/')
nicolewhite commented 9 years ago

Ah. So, os.environ reads from environment variables. neo4j and my_password are not environment variables. If you want to set the username and password explicitly, do:

username = 'neo4j'
password = 'my_password'

This is fine since you're just playing with the app locally. In production, however, this isn't recommended because it's not secure to have your username and password in the app. It's preferable to set them as environment variables:

$ export NEO4J_USERNAME=username
$ export NEO4J_PASSWORD=password

Then use os.environ to read those environment variables:

username = os.environ.get('NEO4J_USERNAME')
password = os.environ.get('NEO4J_PASSWORD')
WNiels commented 9 years ago

Thanks! I went with disabeling the authentication while playing around ;)

But now i get the next error messages with Windows 10 and Anaconda 3.4:

builtins.ValueError
ValueError: Invalid format string
def date():
23      return datetime.now().strftime('%F')

Changing the time format seems to work here.

The last error occurring is the following:

builtins.TypeError
TypeError: Unicode-objects must be encoded before hashing

I tried to encode the password, but it does not seem to work

def register(self, password):
        if not self.find():
            user = Node("User", username=self.username, password=bcrypt.encrypt(password.encode('utf-8')))
            graph.create(user)
            return True
        else:
            return False
nicolewhite commented 9 years ago

I'd have to spin this up on my Windows machine to troubleshoot. Perhaps bypass bcrypt for now?

class User:
    def __init__(self, username):
        self.username = username

    ...

    def register(self, password):
        if not self.find():
            user = Node("User", username=self.username, password=password)
            graph.create(user)
            return True
        else:
            return False

    def verify_password(self, password):
        user = self.find()
        if user:
            return password == user['password']
        else:
            return False
WNiels commented 9 years ago

I changed the hash to

sha256

This seems to work,

cjduncana commented 8 years ago

I seem to be having the same problem in Ubuntu. I have followed the instructions for the environment username and password and for the cloning and running of the application. I get the same error though:

Traceback (most recent call last):
  File "run.py", line 1, in <module>
    from blog import app
  File "/home/user/Documents/neo4j-flask/blog/__init__.py", line 9, in <module>
    create_uniqueness_constraint("User", "username")
  File "/home/user/Documents/neo4j-flask/blog/__init__.py", line 7, in create_uniqueness_constraint
    graph.cypher.execute(query)
  File "/home/user/.virtualenvs/neo4j-flask/local/lib/python2.7/site-packages/py2neo/core.py", line 659, in cypher
    metadata = self.resource.metadata
  File "/home/user/.virtualenvs/neo4j-flask/local/lib/python2.7/site-packages/py2neo/core.py", line 213, in metadata
    self.get()
  File "/home/user/.virtualenvs/neo4j-flask/local/lib/python2.7/site-packages/py2neo/core.py", line 261, in get
    raise Unauthorized(self.uri.string)
py2neo.error.Unauthorized: http://localhost:7474/db/data/

What am I doing wrong?

nicolewhite commented 8 years ago

Hello! What version of Neo4j?

cjduncana commented 8 years ago

@nicolewhite 2.3.2 Community

nicolewhite commented 8 years ago

You're sure you set the environment variables? What happens when you echo $NEO4J_USERNAME?

cjduncana commented 8 years ago

username

nicolewhite commented 8 years ago

Okay, and that's the username you set when you started Neo4j?

cjduncana commented 8 years ago

If I echo $NEO4J_PASSWORD, it returns password.

cjduncana commented 8 years ago

No, NEO4J had its default username: neo4j.

nicolewhite commented 8 years ago

Then you need to set that as your username. :) The username and password should match the username and password you set.

cjduncana commented 8 years ago

That was it! Thank you very much!

nicolewhite commented 8 years ago

No problem! :+1: