Authentication credentials were not provided #10

Closed
xme opened this issue Oct 22, 2020 · 17 comments
@xme

xme commented Oct 22, 2020

Describe the bug
Authentication popups are displayed once logged in!?

To Reproduce
Steps to reproduce the behavior:

  1. Connect to Watcher
  2. Authenticate with a valid user
  3. Browse the web interface tabs

Screenshots
Screenshot 2020-10-22 at 17 27 29

@Felix83000 Felix83000 added the question Further information is requested label Oct 22, 2020
@Felix83000
Collaborator

Authentication popup errors are displayed only if your authentication Knox token is expired.

"DRF tokens track their creation time, but have no inbuilt mechanism for tokens expiring. Knox tokens can have an expiry configured in the app settings (default is 10 hours.)" from here.

If that's the case, you must log out / log in again.

Regards,

@xme
Author

xme commented Oct 22, 2020

Ok, thanks for the info but the popups are displayed immediately after I successfully authenticated!?

@xme
Author

xme commented Oct 22, 2020

Based on logs, it seems that access to the "API" is the cause of those popups:

```
watcher | [22/Oct/2020 19:23:56] "GET /api/data_leak/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:23:56] "GET /static/css/fonts/MaterialIcons-Regular.woff2 HTTP/1.1" 304 0
watcher | 2020-10-22 19:24:00.002487 - CRON TASK : Suspicious Website Monitoring
watcher | [22/Oct/2020 19:24:03] "POST /api/auth/logout/ HTTP/1.1" 204 0
watcher | [22/Oct/2020 19:24:11] "POST /api/auth/login HTTP/1.1" 200 164
watcher | [22/Oct/2020 19:24:11] "GET /api/data_leak/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:11] "GET /api/data_leak/keyword/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:20] "GET /api/dns_finder/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:20] "GET /api/site_monitoring/site/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:20] "GET /api/dns_finder/dns_monitored/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:31] "GET /api/site_monitoring/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:31] "GET /api/site_monitoring/site/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:34] "GET /api/data_leak/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:34] "GET /api/data_leak/keyword/ HTTP/1.1" 401 58
```

Also, I don't see any data on the dashboard (but they are present in the /admin part of the app).

@Felix83000
Collaborator

Have you tried to connect with your admin account created via the "createsuperuser" command line?

@xme
Author

xme commented Oct 22, 2020

Yes, exactly the same behavior!
[Edited]
And I see the Knox token in the admin interface (created, not expired, ...) looks fine.

@Felix83000
Collaborator

Okay I will investigate further tomorrow.

@xme
Author

xme commented Oct 23, 2020

Tx! I left the session open... and indeed after x hours, it says "Invalid token" and I've to reauthenticate.

@Felix83000
Collaborator

So is this working? Can you browse the web interface tabs and see the data?

@xme
Author

xme commented Oct 23, 2020

No, I authenticate myself in the web interface then, I see immediately popups (cfr my 1st screenshot) and I can't see any data
In the docker logs, I see 401 errors when trying to access URLs starting with /api/... (cfr logs above)

@xme
Author

xme commented Oct 23, 2020

This is what I have when I try to access a page:

```
watcher          | Unauthorized: /api/site_monitoring/site/
watcher          | [23/Oct/2020 10:43:48] "GET /api/site_monitoring/site/ HTTP/1.1" 401 58
watcher          | Unauthorized: /api/site_monitoring/alert/
watcher          | [23/Oct/2020 10:43:48] "GET /api/site_monitoring/alert/ HTTP/1.1" 401 58
```

+ the popups in the browser...

@Felix83000
Collaborator

Felix83000 commented Oct 23, 2020

I really don't know why this happens. Try to create another user.
And if this issue persists, try to recreate your database and superuser via the documentation.

When doing docker-compose up, do not forget to wait until you see:

```
watcher | db_watcher is up, starting Watcher.
watcher | Performing system checks...
watcher |
watcher | System check identified no issues (0 silenced).
watcher |
watcher | You have 66 unapplied migration(s). Your project may not work properly until you apply the migrations for app(s): admin, auth, contenttypes, data_leak, dns_finder, knox, sessions, site_monitoring, threats_watcher.
watcher | Run 'python manage.py migrate' to apply them.
watcher | October 23, 2020 - 13:09:40
watcher | Django version 3.1.1, using settings 'watcher.settings'
watcher | Starting development server at http://0.0.0.0:9002/
watcher | Quit the server with CONTROL-C.
```

@xme
Author

xme commented Oct 23, 2020

Recreated a new environment on a spare Docker instance... Same results :( I followed carefully the documentation... Any tip to dive into the code to try to find where those "Unauthorized: /api/site_monitoring/alert/" are generated?

What I did:
Connect to /admin with root account, create another account
Connect to the interface with new account and add some keywords (already, I see the popups)
Connect to /admin with new account, I see my keywords
Connect back to the interface with new account, I can't see the keywords anymore and more popups...
I'm lost! :(

[Edited]
What I see for the 1st access to the API:

```
Unauthorized: /api/auth/user
[23/Oct/2020 17:08:43] "GET /api/auth/user HTTP/1.1" 401 58
```

@xme
Author

xme commented Oct 23, 2020

Ok, I found more interesting info...
Have a look at the screenshot: The 1st HTTP request gets back a 301...
When the 2nd HTTP request is performed, the 'Authentication' header is NOT passed to the server!?
Screenshot 2020-10-23 at 20 49 28

[Edited]
I understand that the header is dropped for security reasons but... why do I see a lot of redirects (URL without trailing '/' being redirected to URL with a trailing '/')?

@Felix83000
Collaborator

Ok I see why the redirection happens... I will modify https://github.com/Felix83000/Watcher/blob/master/Watcher/Watcher/frontend/src/actions/SiteMonitoring.js by adding "/" and I come back to you.

Thx

@Felix83000
Collaborator

I made the modification (34840fb).

May you try and come back to me?

Thx

@Felix83000
Collaborator

@Felix83000 Felix83000 added bug Something isn't working need feedback and removed question Further information is requested labels Oct 26, 2020
@xme
Copy link
Author

xme commented Oct 27, 2020

Upgraded and it's much better! Thanks for your help!

@xme xme closed this as completed Oct 27, 2020
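
The pattern diagnosed in this thread (an API URL without a trailing slash answered with a 301, then the follow-up request to the slash-terminated URL rejected with a 401) can be searched for in the server's access log. The script below is an added example, not part of the original thread or of the Watcher code base; the sample log lines are constructed in the dev-server format shown above, and the function names and the 2-second pairing window are assumptions.

```javascript
// Added example. SAMPLE_LOG is constructed, modelled on the log format in this thread.
const SAMPLE_LOG = [
  'watcher | [23/Oct/2020 17:08:43] "GET /api/auth/user HTTP/1.1" 301 0',
  'watcher | Unauthorized: /api/auth/user/',
  'watcher | [23/Oct/2020 17:08:43] "GET /api/auth/user/ HTTP/1.1" 401 58',
  'watcher | [23/Oct/2020 17:08:50] "GET /api/site_monitoring/site HTTP/1.1" 301 0',
  'watcher | [23/Oct/2020 17:08:50] "GET /api/site_monitoring/site/ HTTP/1.1" 401 58',
  'watcher | [24/Oct/2020 03:10:00] "GET /api/data_leak/alert/ HTTP/1.1" 401 58',
];

const MONTHS = 'Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec'.split(' ');
const LINE_RE =
  /\[(\d{2})\/(\w{3})\/(\d{4}) (\d{2}):(\d{2}):(\d{2})\] "([A-Z]+) (\S+) HTTP\/[\d.]+" (\d{3})\b/;
// Parse one access-log line; returns null for anything else (cron output, "Unauthorized:" lines).
function parseLine(line) {
  const m = LINE_RE.exec(line);
  if (!m || !MONTHS.includes(m[2])) return null;
  const time = Date.UTC(+m[3], MONTHS.indexOf(m[2]), +m[1], +m[4], +m[5], +m[6]) / 1000;
  return { time, method: m[7], path: m[8], status: +m[9] };
}
// Where a slash-appending redirect would send this path, or null if it already ends in "/".
function slashTarget(path) {
  const q = path.indexOf('?');
  const base = q === -1 ? path : path.slice(0, q);
  return base.endsWith('/') ? null : base + '/' + (q === -1 ? '' : path.slice(q));
}
// Report 301 -> 401 pairs: the redirected request arrived without usable credentials.
function findAuthLossOnRedirect(lines, windowSeconds = 2) {
  const pending = new Map(); // "METHOD /target/" -> the 301 entry waiting for its follow-up
  const findings = [];
  for (const line of lines) {
    const e = parseLine(line);
    if (!e) continue;
    if (e.status === 301) {
      const target = slashTarget(e.path);
      if (target) pending.set(`${e.method} ${target}`, e);
      continue;
    }
    const key = `${e.method} ${e.path}`;
    const redirect = pending.get(key);
    if (!redirect) continue;
    pending.delete(key);
    if (e.status === 401 && e.time - redirect.time <= windowSeconds) {
      findings.push({ method: e.method, requested: redirect.path, redirectedTo: e.path });
    }
  }
  return findings;
}
console.log(findAuthLossOnRedirect(SAMPLE_LOG));
```

A 401 with no preceding 301 for the same path, like the last sample line, is not reported; that pattern fits an expired or invalid token rather than a header lost on redirect.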