search

stevearc / pypicloud

S3-backed pypi server implementation
MIT License
506 stars 141 forks source link

Login button via web interface #307

Closed microbioticajon closed 2 years ago

microbioticajon commented 2 years ago

I am testing out version 1.3.6 on a fresh AWS ECS deployment and have noticed that while navigating the web interface if I click on the "Login" button (https://my-host/login) it takes me to a page that simply lists the following links:

login-0.0.1.tar.gz
login-0.0.2.tar.gz
login-0.0.3.tar.gz
login-0.0.4.tar.gz
login-0.0.5.tar.gz
login-0.0.6.tar.gz

Where each link looks like: https://my-host/api/package/login/login-0.0.1.tar.gz

I am simply using auth defaults - no LDAP etc...

It feels like a configuration issue but Im a little stumped.

[app:main]
use = egg:pypicloud

pyramid.reload_templates = false
pyramid.debug_authorization = true
pyramid.debug_notfound = false
pyramid.debug_routematch = true
pyramid.default_locale_name = en

# Package fallback caching
pypi.fallback = cache
pypi.fallback_base_url = ...
pypi.use_json_scraper = true
pypi.always_show_upstream = true
pypi.cache_update = everyone

# Package storage backend
pypi.storage = s3
storage.bucket = ...
storage.region_name = ...

# Database backend
pypi.db = dynamo
db.region_name = ...
db.namespace = ...
db.graceful_reload = true

# Auth
pypi.default_read =
    everyone
pypi.default_write =
    upload

auth.admins =
  root

# Pre-baked users
user.root = $6$rounds=20500$...

# For beaker
# These need to be passed in via environment variables
session.encrypt_key = ${SESSION_ENCRYPT_KEY}
session.validate_key = ${SESSION_VALIDATE_KEY}
session.secure = true
session.invalidate_corrupt = true

filter-with = proxy-prefix

###
# ssl termination through EBL
###

[filter:proxy-prefix]
use = egg:PasteDeploy#prefix
scheme = https

###
# wsgi server configuration
###

[uwsgi]
paste = config:%p
paste-logger = %p
master = true
uid = pypicloud
gid = pypicloud
processes = 20
reload-mercy = 15
worker-reload-mercy = 15
max-requests = 1000
enable-threads = true
http = 0.0.0.0:8080

###
# logging configuration
# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html
###

[loggers]
keys = root, boto

[handlers]
keys = console

[formatters]
keys = generic

[logger_root]
level = INFO
handlers = console

[logger_boto]
level = WARN
qualname = boto
handlers =

[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = NOTSET
formatter = generic

[formatter_generic]
format = %(levelname)s %(asctime)s [%(name)s] %(message)s

Im also having issues authenticating via TWINE but I suspect that is a different issue...

stevearc commented 2 years ago

I believe this is because of #306. Investigating...

stevearc commented 2 years ago

Should be fixed