Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docker compose file - can't log into application #42

Open
UBA-NE opened this issue Sep 6, 2022 · 4 comments
Open

docker compose file - can't log into application #42

UBA-NE opened this issue Sep 6, 2022 · 4 comments
Assignees
@realaravinth

Comments

@UBA-NE
Copy link

UBA-NE commented Sep 6, 2022

Hi,

maybe someone can help me. I've got the docker image running, using the docker-compose.yml file provided. I have the Service running behind an ngnix Server.

When I try to log in with wrong user credentials I get the red error message, but if I use the ones given (aaronsw, password), I get forwarded to:
https://mydomain/login?redirect_to=%2F (302 instead of the 200)

here is an excerpt of the log files:

mcaptcha_1           |  INFO  actix_web::middleware::logger > 192.168.160.1 "POST /api/v1/signin HTTP/1.0" 200 0 "https://my-domain/login?redirect_to=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0" 0.037804
mcaptcha_1           |  INFO  sqlx::query                   > /* SQLx ping */; rows affected: 0, rows returned: 0, elapsed: 534.716µs
mcaptcha_1           |  INFO  actix_web::middleware::logger > 192.168.160.1 "GET / HTTP/1.0" 302 0 "https://my-domain/login?redirect_to=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0" 0.000330
mcaptcha_1           |  INFO  actix_web::middleware::logger > 192.168.160.1 "GET /login?redirect_to=%2F HTTP/1.0" 200 5775 "https://my-domain/login?redirect_to=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0" 0.001699

ngnix config:

server {
    server_name my-domain;

    # security - prevent information disclosure about server version
    server_tokens off;

    access_log /var/log/nginx/captcha.access.log;
    error_log  /var/log/nginx/captcha.error.log;

    location / {
        proxy_pass http://localhost:7000;
        proxy_redirect     off;
        proxy_set_header   Host             $host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_pass_request_headers on;

        client_max_body_size       10m;
        client_body_buffer_size    128k;

        proxy_connect_timeout      300;
        proxy_send_timeout         300;
        proxy_read_timeout         300;

        proxy_buffer_size          4k;
        proxy_buffers              4 32k;
        proxy_busy_buffers_size    64k;
        proxy_temp_file_write_size 64k;

        gzip on;
        gzip_types text/plain text/xml text/css image/svg+xml application/javascript application/x-javascript application/json application/xml;
        gzip_proxied any;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/my-domain/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/my-domain/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = my-domain) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name my-domain;
    listen 80;
    return 404; # managed by Certbot
}
@realaravinth
Copy link
Member

Hello 👋 ,

Please set MCAPTCHA_SERVER_DOMAIN to my-domain(the hostname at which your installation is available). Please see here for more info.

The configuration is part of the web framework that we are using, so it is kind of out ofscope of MCA. But this is the second time the same issue is being reported, I'll try to make it intuitive/work out-of-the-box

@UBA-NE
Copy link
Author

UBA-NE commented Sep 7, 2022

Oh no, I'm so sorry, I looked through the issues but missed that thread!. Thank you so much for your help, it now works perfectly!

@leopku
Copy link

leopku commented Jan 28, 2023

Please set MCAPTCHA_SERVER_DOMAIN to my-domain(the hostname at which your installation is available). Please see here for more info.

Same issue. Maybe add this line to readme is a good idea.

@realaravinth
Copy link
Member

Hi,

Sorry for the late response, I'll improve the docs in the following ways:

  1. Create a list of essential (essential = will fail without them being present) env variables
  2. Include MCAPTCHA_SERVER_DOMAIN in docker-compose file
  3. Improve inline documentation in the configuration file insert warnings above the relevant fields in the configuration file
  4. Log to stdout if login request is received at a hostname that's different from MCAPTCHA_SERVER_DOMAIN
  5. Create FAQ section in the docs

What do you think?

@realaravinth realaravinth self-assigned this Feb 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@realaravinth realaravinth

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@leopku @UBA-NE @realaravinth