rommapp / romm

A beautiful, powerful, self-hosted rom manager
https://romm.app
GNU Affero General Public License v3.0

[Bug] domain.com/setup redirects to domain.com/login?next=/setup #1175

Closed ctrenthem159 closed 2 months ago

ctrenthem159 commented 2 months ago

RomM version
v3.5.1

Describe the bug
When running RomM for the first time, the onboarding page appears to be blocked behind authentication - despite the onboarding being required in order to have a valid authentication.

To Reproduce
Set up RomM from scratch with or without a reverse proxy (I tried accessing the app through both methods), and navigate to the app in a web browser (probably relevant: I am not on 'localhost', my host is a VPS in Europe and I'm accessing the app from my home in the US).

The app will initially load the main interface (which, by the way, is also a problem) and hold there for a few seconds before navigating to '/login?next=/setup'. When manually trying to navigate to 'domain.com/setup', it just redirects back to this same page.

Expected behavior
If the app is set to go through the onboarding, it should go to the onboarding, not the regular login page.

Ideally, an LDAP integration would negate the issue entirely (for those of us who use it), but I know that's a much bigger problem than simply stopping a redirect.

Screenshots
Relevant sections of docker-compose file:

  romm-db:
    image: mariadb:latest
    container_name: romm-db
    restart: unless-stopped
    networks: ['romm']
    environment:
      - MARIADB_RANDOM_ROOT_PASSWORD=true
      - MARIADB_DATABASE={redacted}
      - MARIADB_USER={redacted}
      - MARIADB_PASSWORD={redacted}
    volumes:
      - romm-db:/var/lib/mysql

  romm:
    image: rommapp/romm:latest
    container_name: romm
    restart: unless-stopped
    networks: ['backend', 'romm']
    depends_on: ['romm-db']
    ports: ['8082:8080'] # temporarily open for testing, intended to remove and access solely through reverse proxy in production
    environment:
      - DB_HOST=romm-db
      - DB_NAME={redacted}
      - DB_USER={redacted}
      - DB_PASSWD={redacted}
      - ROMM_AUTH_SECRET_KEY={redacted}
      - IGDB_CLIENT_ID={redacted}
      - IGDB_CLIENT_SECRET={redacted}
      - MOBYGAMES_API_KEY={redacted}
    volumes:
      - romm-data:/romm/resources
      - romm-redis:/redis-data
      - /media/share/romm/library:/romm/library
      - /media/share/romm/assets:/romm/assets
      - /media/share/romm/config:/romm/config

  nginx:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: nginx
    restart: unless-stopped
    networks: ['frontend', 'backend']
    ports: ['80:80', '443:443', '81:81']
    volumes:
      - nginx-data:/data
      - nginx-ssl:/etc/letsencrypt
      - ./snippets:/snippets

Screenshots of nginx-proxy-manager settings for RomM: [3 images]

Last bit of logs from 'docker logs romm':

 urt="0.090"
[2024-09-05 18:01:53 +0000] [23] [INFO] None - "WebSocket /ws/socket.io/?EIO=4&transport=websocket" [accepted]
[2024-09-05 18:01:53 +0000] [23] [INFO] connection open
 - "GET /api/heartbeat HTTP/1.0" 200
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/heartbeat HTTP/1.1" 200 619 "https://retro.domain.info/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" rt=0.024 uct="0.000" uht="0.024" urt="0.024"
 - "GET /api/heartbeat HTTP/1.0" 200
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/heartbeat HTTP/1.1" 200 619 "https://retro.domain.info/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" rt=0.024 uct="0.000" uht="0.024" urt="0.024"
 - "GET /api/collections HTTP/1.0" 403
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/collections HTTP/1.1" 403 22 "https://retro.domain.info/setup" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" rt=0.008 uct="0.000" uht="0.008" urt="0.008"
 - "GET /api/heartbeat HTTP/1.0" 200
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/heartbeat HTTP/1.1" 200 619 "https://retro.domain.info/login?next=/setup" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" rt=0.018 uct="0.000" uht="0.017" urt="0.017"
 - "GET /api/users/me HTTP/1.0" 403
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/users/me HTTP/1.1" 403 22 "https://retro.domain.info/login?next=/setup" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" rt=0.007 uct="0.000" uht="0.007" urt="0.007"
 - "GET /api/heartbeat HTTP/1.0" 200
INFO:     [nginx][2024-09-05 18:01:54]  172.23.0.5 - - "GET /api/heartbeat HTTP/1.1" 200 619 "https://retro.domain.info/login?next=/setup" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" rt=0.015 uct="0.000" uht="0.016" urt="0.016"
18:11:50 Cleaning registries for queue: high
18:11:50 Cleaning registries for queue: default
18:11:50 Cleaning registries for queue: low

ctrenthem159 commented 2 months ago

Well that was fast. I should have tried it first, but clearing cookies stopped the redirect loop. I have no idea what cookie or when it was created that caused the failure.
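
As an added example (not part of the original issue and not RomM's own code): a small Python triage script that reads nginx access lines in the format shown in the report and pairs each 401/403 API response with the page the browser issued requests from next, which is how the `/setup` to `/login?next=/setup` bounce appears in the log. The sample lines are constructed, with a placeholder hostname and user agent; the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Constructed sample in the format of the nginx lines in the report;
# hostname and user agent are placeholders, not values from the issue.
H = "https://retro.example.test"
SAMPLE_LOG = f'''\
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/heartbeat HTTP/1.1" 200 619 "{H}/" "UA" rt=0.024
 - "GET /api/collections HTTP/1.0" 403
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/collections HTTP/1.1" 403 22 "{H}/setup" "UA" rt=0.008
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/heartbeat HTTP/1.1" 200 619 "{H}/login?next=/setup" "UA" rt=0.018
INFO:     [nginx][2024-09-05 18:01:53]  172.23.0.5 - - "GET /api/users/me HTTP/1.1" 403 22 "{H}/login?next=/setup" "UA" rt=0.007
'''

LINE_RE = re.compile(
    r'\[nginx\]\[(?P<ts>[^\]]+)\]\s+(?P<ip>\S+) - - '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \d+ '
    r'"(?P<referer>[^"]*)"'
)

def parse(log_text):
    """Return one dict per nginx access line; backend and worker lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["status"] = int(ev["status"])
        ref = urlsplit(ev["referer"])
        # The Referer is the front-end page that issued the API call.
        ev["page"] = ref.path + ("?" + ref.query if ref.query else "")
        events.append(ev)
    return events

def find_auth_bounces(events):
    """List (api_path, page, next_page) where a 401/403 precedes a move to /login."""
    bounces = []
    for i, ev in enumerate(events):
        if ev["status"] not in (401, 403) or not ev["path"].startswith("/api/"):
            continue
        later = (e["page"] for e in events[i + 1:] if e["page"] != ev["page"])
        nxt = next(later, None)
        if nxt and nxt.startswith("/login"):
            bounces.append((ev["path"], ev["page"], nxt))
    return bounces

if __name__ == "__main__":
    for api, page, nxt in find_auth_bounces(parse(SAMPLE_LOG)):
        print(f"{api} was rejected on {page}; browser then moved to {nxt}")
```

A rejected call followed by a move to `/login` tells you which endpoint refused the session the browser presented, which is the request to inspect for a leftover cookie.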