New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Redirect loop for initial password change, behind nginx SSL reverse-proxy #5815

Closed
xdch47 opened this Issue Jan 23, 2019 · 6 comments

Comments

5 participants
@xdch47
Copy link
Contributor

xdch47 commented Jan 23, 2019

  • Gitea version (or commit ref): v1.7.0
  • Git version: 2.19.2
  • Operating system: Linux
  • Database (use [x]):
    • PostgreSQL
    • MySQL
    • MSSQL
    • SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • Yes (provide example URL)
    • No
    • Not relevant
  • Log gist:

Description

See https://discourse.gitea.io/t/redirect-loop-for-initial-password-change-behind-nginx-ssl-reverse-proxy/684 (Note: I'm not the author of this request, but have the same issue)

Additional: On login the "heatdiagramm" is not generate - looks like website hangs …
Every link redirects to /git/user/settings/change_password

Workaround: Set change_password field in the sql-lite gitea.db to 0

  • Then everything works fine again…
@olymk2

This comment has been minimized.

Copy link

olymk2 commented Jan 26, 2019

This also seems to effect the api, just spent some time trying to login and instead of getting json I was getting html for the change_password page.

Hitting this url with a new user, I eventually logged in and saw the change password screen set the password and now get json back this seems like incorrect behaviour for the api endpoint.

url = f"https://{username}:{password}@git.example.com/api/v1/users/{username}/tokens"

@frostieDE

This comment has been minimized.

Copy link

frostieDE commented Jan 31, 2019

I am running the latest Gitea and it seems to work for me. My gitea is also running behind an nginx reverse proxy with the following configuration:

        location / {
                proxy_set_header    Host                git.example.com;
                proxy_set_header    X-Real-IP           $remote_addr;
                proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
                proxy_set_header    X-Forwarded-Proto   $scheme;

                proxy_set_header X-Forwarded-Ssl on;
                proxy_pass http://gitea;
        }

Maybe the added headers fix the infinite redirection?

@lafriks

This comment has been minimized.

Copy link
Member

lafriks commented Jan 31, 2019

It could be that user has set that his password must be changed. For API most probably error should be returned

@xdch47

This comment has been minimized.

Copy link
Contributor Author

xdch47 commented Feb 2, 2019

Just updated and test with gitea 1.7.1
Problem persists.
nginx reverse proxy is kind of similar:

        location /git/ {                                                                                               
            proxy_pass       http://localhost:3000/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            #max_body_size will allow you to upload a large git repository
            client_max_body_size 100M;
        } 
@xdch47

This comment has been minimized.

Copy link
Contributor Author

xdch47 commented Feb 2, 2019

The problem occurs when adding new users.

@xdch47

This comment has been minimized.

Copy link
Contributor Author

xdch47 commented Feb 4, 2019

@frostieDE : the main difference is the location - if I switch to location / - just the problem with the heatmap persists (user has been created and added to an active group as well) --> script on website hangs

  • forwarding to change_password page works.

location /git/ with app.ini ROOT_URL = https://myhostname.mydomain/git/ leads to an infinite loop

xdch47 added a commit to xdch47/gitea that referenced this issue Feb 4, 2019

@lunny lunny added the kind/bug label Feb 7, 2019

@lunny lunny closed this in #5965 Feb 17, 2019

lunny added a commit that referenced this issue Feb 17, 2019

@lunny lunny added this to the 1.7.3 milestone Feb 17, 2019

xdch47 added a commit to xdch47/gitea that referenced this issue Feb 17, 2019

zeripath added a commit that referenced this issue Feb 17, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment