Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. App Packaging & Development
  3. proxyAuth bug

proxyAuth bug

Scheduled Pinned Locked Moved Solved App Packaging & Development
9 Posts 3 Posters 1.4k Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • mehdiM Offline
    mehdiM Offline
    mehdi
    App Dev
    wrote on last edited by
    #1

    When the protected page returns a 403, the proxyAuth login page front-end thinks that it's the login itself which failed and incorrectly shows the Incorrect username or password message.

    girishG 1 Reply Last reply
    0
    • nebulonN Offline
      nebulonN Offline
      nebulon
      Staff
      wrote on last edited by
      #2

      Hm we use the auth_request feature of nginx here, not sure if this can be fixed easily.

      mehdiM 1 Reply Last reply
      0
      • nebulonN nebulon

        Hm we use the auth_request feature of nginx here, not sure if this can be fixed easily.

        mehdiM Offline
        mehdiM Offline
        mehdi
        App Dev
        wrote on last edited by
        #3

        @nebulon actually, the login does happen correctly. I think it's just a pure front-end bug: the message should be printed only when the 403 happens on the /login request, not on the URL to which the browser is redirected.

        BTW, it also seems /logout does not work properly

        1 Reply Last reply
        0
        • nebulonN Offline
          nebulonN Offline
          nebulon
          Staff
          wrote on last edited by
          #4

          I can't quite see how this happens from a code perspective. The Incorrect username or password message shown in the login form is only done in one place as a response to the POST request to validate the values. I don't see how the app is even involved at that point.

          mehdiM 1 Reply Last reply
          0
          • nebulonN nebulon

            I can't quite see how this happens from a code perspective. The Incorrect username or password message shown in the login form is only done in one place as a response to the POST request to validate the values. I don't see how the app is even involved at that point.

            mehdiM Offline
            mehdiM Offline
            mehdi
            App Dev
            wrote on last edited by mehdi
            #5

            @nebulon The /login responds with a redirect. So the fetch from front end follows it because fetch defaults to following redirects (cf https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch ). You should specify the option to not follow automatically. (that's if you guys do use fetch)

            nebulonN 1 Reply Last reply
            0
            • mehdiM mehdi

              @nebulon The /login responds with a redirect. So the fetch from front end follows it because fetch defaults to following redirects (cf https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch ). You should specify the option to not follow automatically. (that's if you guys do use fetch)

              nebulonN Offline
              nebulonN Offline
              nebulon
              Staff
              wrote on last edited by
              #6

              This is great observation and indeed we do use fetch() here. I've fixed it at https://git.cloudron.io/cloudron/dashboard/-/commit/0adcc2af4f83d369c238ecc515b00c62c291935d pending testing your case though.

              1 Reply Last reply
              2
              • mehdiM mehdi

                When the protected page returns a 403, the proxyAuth login page front-end thinks that it's the login itself which failed and incorrectly shows the Incorrect username or password message.

                girishG Offline
                girishG Offline
                girish
                Staff
                wrote on last edited by
                #7

                @mehdi Do you have repo or test case I can test with?

                mehdiM 1 Reply Last reply
                0
                • girishG girish

                  @mehdi Do you have repo or test case I can test with?

                  mehdiM Offline
                  mehdiM Offline
                  mehdi
                  App Dev
                  wrote on last edited by
                  #8

                  @girish I do not have something ready to test.

                  It happened to me while packaging Transmission when I messed up the hosts whitelist in the Transmission config 😅

                  You could try by running my Transmission package (which is almost ready :D), but modify this line https://git.cloudron.io/mehdi/transmission-app/-/blob/master/transmission/non-modifiable.settings.json#L4 with "rpc-whitelist": "127.0.0.1" instead.

                  However, it may be easier to just slap together a basic node or PHP app that just responds a 403 with a test content 403 TEST on /.

                  Buggy behaviour I encountered: showing a login page. When trying to login, staying on the login page then displaying the Incorrect username or password message .

                  Wanted behaviour: showing login page. When trying to login, redirecting to the 403 TEST page

                  1 Reply Last reply
                  1
                  • nebulonN Offline
                    nebulonN Offline
                    nebulon
                    Staff
                    wrote on last edited by
                    #9

                    I've put a test app and tested this and it works now as expected with the applied fix.

                    1 Reply Last reply
                    3
                    Reply
                    • Reply as topic
                    Log in to reply
                    • Oldest to Newest
                    • Newest to Oldest
                    • Most Votes


                    • Login

                    • Don't have an account? Register

                    • Login or register to search.
                    • First post
                      Last post
                    0
                    • Categories
                    • Recent
                    • Tags
                    • Popular
                    • Bookmarks
                    • Search