search

tiagocoutinho / multivisor

Centralized supervisor WebUI and CLI
GNU General Public License v3.0
184 stars 37 forks source link

TypeError exception is raised when attempting to login to multivisor using authentication #72

Closed bbugyi200 closed 3 years ago

bbugyi200 commented 3 years ago

My multivisor.conf file:

[global]
name=multivisor
username=test_user
password=test_password

[supervisor:A]
url=localhost:9051

[supervisor:B]
url=localhost:9052

Directly after hitting the "Log In" button on the multivisor site (after putting in my creds), nothing changes on the web console and I see this in the logs:

ERROR 2021-01-03 14:40:36,251 multivisor.server.web: Exception on /api/login [POST]
Traceback (most recent call last):
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/flask/app.py", line 2447, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/flask/app.py", line 1952, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/flask/app.py", line 1821, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/flask/_compat.py", line 39, in reraise
    raise value
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/flask/app.py", line 1950, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/flask/app.py", line 1936, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/multivisor/server/web.py", line 169, in login
    if is_login_valid(app, username, password):
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/multivisor/server/util.py", line 13, in is_login_valid
    return constant_time_compare(username, correct_username) and constant_time_compare(
  File "/home/bryan/.local/pipx/venvs/multivisor/lib/python3.8/site-packages/multivisor/server/util.py", line 34, in constant_time_compare
    val2 = hashlib.sha1(val2).hexdigest()
TypeError: Unicode-objects must be encoded before hashing
juarezr commented 3 years ago

@tiagocoutinho,

Any plan to issue a point release with this bug fix? Or maybe did you know if there is a workaround for enabling authentication without stumbling in this issue?

Exposing multivisor with no authentication is a blocker, unfortunately.

Thanks

BrnSlr commented 3 years ago

Any news on this ?