Unable to login after installation

[snird]

I followed https://umami.is/docs/login but the login credentials does not work.

I guess this is a bug, as I looked at the postgres insert script: https://github.com/mikecao/umami/blob/d3514cfc5f20966612c277a5885356fa220a5ddd/sql/schema.postgresql.sql#L72

It is hardcoded for the password hash there, it does not consider the SALT we chose in the config.
So this salt won't work with the hardcoded hash...

I did not validate this yet, but I guess this is the issue here

[martin-ro]

Same problem here

[snird]

I'm actually confused, the code here that created password seems to not use the SALT at all:
https://github.com/mikecao/umami/blob/b392a51676fc314df7b338bf790c8af8fc64fd6c/lib/crypto.js#L28

it just pass salt rounds, let bcrypt use a random SALT.
maybe I miss something here so I'll wait for the author (:

[mikecao]

The password function does not consider the HASH_SALT in your .env file. It chooses a random salt. Can you try updating the password in the database to another value and see if that works?

[snird]

Yes.
I manually generated a pass using bcrypt.hash() and set it on the database.
This allowed me to connect.

[jkyngan]

i execute the following sql and it works
insert into account (username, password, is_admin) values ('admin', '$2b$10$BUli0c.muyCW1ErNJc3jL.vFRFtFJWrT8/GcR4A.sUdCznaXiqFXa', true);
found in the last line of schema.mysql.sql

[mikecao]

Latest push updated the hashes in the sql files just in case, though the original ones should have worked.

[SoftCreatR]

I'm still unable to login, even with a self generated hash.

[mikecao]

@SoftCreatR can you try pulling the latest version? It was incorrectly reporting invalid login/password when it could be due to some other issue.

[SoftCreatR]

Nope, no success.

[mikecao]

@SoftCreatR you have a typo, it's umami not unami

[SoftCreatR]

Oh god... 😸

[mikecao]

Seems like issues are resolved. Closing this.