Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. App Packaging & Development
  3. proxyAuth bug

proxyAuth bug

Scheduled Pinned Locked Moved Solved App Packaging & Development
9 Posts 3 Posters 1.4k Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • mehdiM Offline
    mehdiM Offline
    mehdi
    App Dev
    wrote on last edited by
    #1

    When the protected page returns a 403, the proxyAuth login page front-end thinks that it's the login itself which failed and incorrectly shows the Incorrect username or password message.

    girishG 1 Reply Last reply
    0
    • nebulonN Offline
      nebulonN Offline
      nebulon
      Staff
      wrote on last edited by
      #2

      Hm we use the auth_request feature of nginx here, not sure if this can be fixed easily.

      mehdiM 1 Reply Last reply
      0
      • nebulonN nebulon

        Hm we use the auth_request feature of nginx here, not sure if this can be fixed easily.

        mehdiM Offline
        mehdiM Offline
        mehdi
        App Dev
        wrote on last edited by
        #3

        @nebulon actually, the login does happen correctly. I think it's just a pure front-end bug: the message should be printed only when the 403 happens on the /login request, not on the URL to which the browser is redirected.

        BTW, it also seems /logout does not work properly

        1 Reply Last reply
        0
        • nebulonN Offline
          nebulonN Offline
          nebulon
          Staff
          wrote on last edited by
          #4

          I can't quite see how this happens from a code perspective. The Incorrect username or password message shown in the login form is only done in one place as a response to the POST request to validate the values. I don't see how the app is even involved at that point.

          mehdiM 1 Reply Last reply
          0
          • nebulonN nebulon

            I can't quite see how this happens from a code perspective. The Incorrect username or password message shown in the login form is only done in one place as a response to the POST request to validate the values. I don't see how the app is even involved at that point.

            mehdiM Offline
            mehdiM Offline
            mehdi
            App Dev
            wrote on last edited by mehdi
            #5

            @nebulon The /login responds with a redirect. So the fetch from front end follows it because fetch defaults to following redirects (cf https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch ). You should specify the option to not follow automatically. (that's if you guys do use fetch)

            nebulonN 1 Reply Last reply
            0
            • mehdiM mehdi

              @nebulon The /login responds with a redirect. So the fetch from front end follows it because fetch defaults to following redirects (cf https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch ). You should specify the option to not follow automatically. (that's if you guys do use fetch)

              nebulonN Offline
              nebulonN Offline
              nebulon
              Staff
              wrote on last edited by
              #6

              This is great observation and indeed we do use fetch() here. I've fixed it at https://git.cloudron.io/cloudron/dashboard/-/commit/0adcc2af4f83d369c238ecc515b00c62c291935d pending testing your case though.

              1 Reply Last reply
              2
              • mehdiM mehdi

                When the protected page returns a 403, the proxyAuth login page front-end thinks that it's the login itself which failed and incorrectly shows the Incorrect username or password message.

                girishG Do not disturb
                girishG Do not disturb
                girish
                Staff
                wrote on last edited by
                #7

                @mehdi Do you have repo or test case I can test with?

                mehdiM 1 Reply Last reply
                0
                • girishG girish

                  @mehdi Do you have repo or test case I can test with?

                  mehdiM Offline
                  mehdiM Offline
                  mehdi
                  App Dev
                  wrote on last edited by
                  #8

                  @girish I do not have something ready to test.

                  It happened to me while packaging Transmission when I messed up the hosts whitelist in the Transmission config 😅

                  You could try by running my Transmission package (which is almost ready :D), but modify this line https://git.cloudron.io/mehdi/transmission-app/-/blob/master/transmission/non-modifiable.settings.json#L4 with "rpc-whitelist": "127.0.0.1" instead.

                  However, it may be easier to just slap together a basic node or PHP app that just responds a 403 with a test content 403 TEST on /.

                  Buggy behaviour I encountered: showing a login page. When trying to login, staying on the login page then displaying the Incorrect username or password message .

                  Wanted behaviour: showing login page. When trying to login, redirecting to the 403 TEST page

                  1 Reply Last reply
                  1
                  • nebulonN Offline
                    nebulonN Offline
                    nebulon
                    Staff
                    wrote on last edited by
                    #9

                    I've put a test app and tested this and it works now as expected with the applied fix.

                    1 Reply Last reply
                    3
                    Reply
                    • Reply as topic
                    Log in to reply
                    • Oldest to Newest
                    • Newest to Oldest
                    • Most Votes


                    • Login

                    • Don't have an account? Register

                    • Login or register to search.
                    • First post
                      Last post
                    0
                    • Categories
                    • Recent
                    • Tags
                    • Popular
                    • Bookmarks
                    • Search