error in v2.2.13 with admin create user without password #301
Description
Bug report
Describe the bug
When trying to create a user without a password, the server closes the connection without sending a response.
To Reproduce
- Create
docker-compose.ymlfile with:
version: '3'
services:
gotrue:
image: supabase/gotrue:v2.2.13
ports:
- '9999:9999'
environment:
GOTRUE_MAILER_URLPATHS_CONFIRMATION: '/verify'
GOTRUE_JWT_SECRET: '37c304f8-51aa-419a-a1af-06154e63707a'
GOTRUE_JWT_EXP: 3600
GOTRUE_DB_DRIVER: postgres
DB_NAMESPACE: auth
GOTRUE_API_HOST: 0.0.0.0
PORT: 9999
GOTRUE_DISABLE_SIGNUP: 'false'
API_EXTERNAL_URL: http://localhost:9999
GOTRUE_SITE_URL: http://localhost:9999
GOTRUE_URI_ALLOW_LIST: https://supabase.io/docs
GOTRUE_MAILER_AUTOCONFIRM: 'false'
GOTRUE_LOG_LEVEL: DEBUG
GOTRUE_OPERATOR_TOKEN: super-secret-operator-token
DATABASE_URL: 'postgres://postgres:postgres@db:5432/postgres?sslmode=disable'
GOTRUE_EXTERNAL_GOOGLE_ENABLED: 'true'
GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID: 53566906701-bmhc1ndue7hild39575gkpimhs06b7ds.apps.googleusercontent.com
GOTRUE_EXTERNAL_GOOGLE_SECRET: Sm3s8RE85rDcS36iMy8YjrpC
GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI: http://localhost:9999/callback
GOTRUE_SMTP_HOST: mail
GOTRUE_SMTP_PORT: 2500
GOTRUE_SMTP_USER: GOTRUE_SMTP_USER
GOTRUE_SMTP_PASS: GOTRUE_SMTP_PASS
GOTRUE_SMTP_ADMIN_EMAIL: admin@email.com
GOTRUE_MAILER_SUBJECTS_CONFIRMATION: 'Please confirm'
GOTRUE_EXTERNAL_PHONE_ENABLED: 'true'
GOTRUE_SMS_PROVIDER: "twilio"
GOTRUE_SMS_TWILIO_ACCOUNT_SID: "${GOTRUE_SMS_TWILIO_ACCOUNT_SID}"
GOTRUE_SMS_TWILIO_AUTH_TOKEN: "${GOTRUE_SMS_TWILIO_AUTH_TOKEN}"
GOTRUE_SMS_TWILIO_MESSAGE_SERVICE_SID: "${GOTRUE_SMS_TWILIO_MESSAGE_SERVICE_SID}"
GOTRUE_SMS_AUTOCONFIRM: 'false'
depends_on:
- db
restart: on-failure
mail:
image: phamhieu/inbucket:latest
ports:
- '2500:2500' # SMTP
- '9000:9000' # web interface
- '1100:1100' # POP3
db:
image: supabase/postgres:latest
ports:
- '5432:5432'
command: postgres -c config_file=/etc/postgresql/postgresql.conf
volumes:
- ./db:/docker-entrypoint-initdb.d/
environment:
POSTGRES_DB: postgres
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_PORT: 5432- Create
db/00-schema.sqlfile with:
CREATE SCHEMA IF NOT EXISTS auth AUTHORIZATION postgres;
-- auth.users definition
CREATE TABLE auth.users (
instance_id uuid NULL,
id uuid NOT NULL,
aud varchar(255) NULL,
"role" varchar(255) NULL,
email varchar(255) NULL,
encrypted_password varchar(255) NULL,
confirmed_at timestamptz NULL,
invited_at timestamptz NULL,
confirmation_token varchar(255) NULL,
confirmation_sent_at timestamptz NULL,
recovery_token varchar(255) NULL,
recovery_sent_at timestamptz NULL,
email_change_token varchar(255) NULL,
email_change varchar(255) NULL,
email_change_sent_at timestamptz NULL,
last_sign_in_at timestamptz NULL,
raw_app_meta_data jsonb NULL,
raw_user_meta_data jsonb NULL,
is_super_admin bool NULL,
created_at timestamptz NULL,
updated_at timestamptz NULL,
CONSTRAINT users_pkey PRIMARY KEY (id)
);
CREATE INDEX users_instance_id_email_idx ON auth.users USING btree (instance_id, email);
CREATE INDEX users_instance_id_idx ON auth.users USING btree (instance_id);
-- auth.refresh_tokens definition
CREATE TABLE auth.refresh_tokens (
instance_id uuid NULL,
id bigserial NOT NULL,
"token" varchar(255) NULL,
user_id varchar(255) NULL,
revoked bool NULL,
created_at timestamptz NULL,
updated_at timestamptz NULL,
CONSTRAINT refresh_tokens_pkey PRIMARY KEY (id)
);
CREATE INDEX refresh_tokens_instance_id_idx ON auth.refresh_tokens USING btree (instance_id);
CREATE INDEX refresh_tokens_instance_id_user_id_idx ON auth.refresh_tokens USING btree (instance_id, user_id);
CREATE INDEX refresh_tokens_token_idx ON auth.refresh_tokens USING btree (token);
-- auth.instances definition
CREATE TABLE auth.instances (
id uuid NOT NULL,
uuid uuid NULL,
raw_base_config text NULL,
created_at timestamptz NULL,
updated_at timestamptz NULL,
CONSTRAINT instances_pkey PRIMARY KEY (id)
);
-- auth.audit_log_entries definition
CREATE TABLE auth.audit_log_entries (
instance_id uuid NULL,
id uuid NOT NULL,
payload json NULL,
created_at timestamptz NULL,
CONSTRAINT audit_log_entries_pkey PRIMARY KEY (id)
);
CREATE INDEX audit_logs_instance_id_idx ON auth.audit_log_entries USING btree (instance_id);
-- auth.schema_migrations definition
CREATE TABLE auth.schema_migrations (
"version" varchar(255) NOT NULL,
CONSTRAINT schema_migrations_pkey PRIMARY KEY ("version")
);
INSERT INTO auth.schema_migrations (version)
VALUES ('20171026211738'),
('20171026211808'),
('20171026211834'),
('20180103212743'),
('20180108183307'),
('20180119214651'),
('20180125194653');
-- Gets the User ID from the request cookie
create or replace function auth.uid() returns uuid as $$
select nullif(current_setting('request.jwt.claim.sub', true), '')::uuid;
$$ language sql stable;
-- Gets the User ID from the request cookie
create or replace function auth.role() returns text as $$
select nullif(current_setting('request.jwt.claim.role', true), '')::text;
$$ language sql stable;
GRANT ALL PRIVILEGES ON SCHEMA auth TO postgres;
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA auth TO postgres;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA auth TO postgres;
ALTER USER postgres SET search_path = "auth";-
Run
docker-compose up -dand wait 15 seconds -
Run
curl --location --request POST 'http://localhost:9999/admin/users' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwicm9sZSI6InN1cGFiYXNlX2FkbWluIiwiaWF0IjoxNTE2MjM5MDIyfQ.0sOtTSTfPv5oPZxsjvBO249FI4S4p0ymHoIZ6H6z9Y8' --header 'Content-Type: application/json' --data-raw '{"email": "example@gmail.com"}'- Result
curl: (52) Empty reply from server
make: *** [Makefile:39: curl] Error 52Expected behavior
With gotrue:v2.2.11 in the docker-compose.yml file the result is:
{"id":"7c69f41c-338f-46b0-8ff6-ea13d57cd4eb","aud":"","role":"","email":"example@gmail.com","phone":"","app_metadata":{"provider":"email","providers":["email"]},"user_metadata":{},"identities":null,"created_at":"2021-12-11T06:06:32.855162Z","updated_at":"2021-12-11T06:06:32.856622Z"}System information
- OS: ubuntu
- Version of gotrue: v2.2.13
Additional context
The error was introduced in commit #297