Token API Documentation update

[LuminousPath]

Hi, I noticed in your wiki documentation for the api that the endpoint for token management is under token but it seems like the endpoint is now behind the path prefix api/token. Any chance to get the docs updated?

[zeratax]

right sorry about will update that asap.
meanwhile it's briefly mentioned in the release notes:

https://github.com/ZerataX/matrix-registration/releases/tag/v0.9.0

[jahlives]

sorry to hijack this issue but I'm also trying to access the token endpoint. I'm using a docker setup (pulled everything this morning) but it seems the api/token endpoint is not available

curl --head -H "Authorization: SharedSecret mytotalsecret" http://10.66.66.16:5000/api/token
HTTP/1.1 404 NOT FOUND
Content-Length: 232
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Apr 2021 08:48:26 GMT
Server: waitress

if I try the old endpoint I get a internal server error

curl --head -H "Authorization: SharedSecret mytotalsecret" http://10.66.66.16:5000/token
HTTP/1.1 500 INTERNAL SERVER ERROR
Content-Length: 290
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Apr 2021 08:48:34 GMT
Server: waitress

if I use a wrong password on the old endpoint I get

curl --head -H "Authorization: SharedSecret wrongpassword" http://10.66.66.16:5000/token
HTTP/1.1 401 UNAUTHORIZED
Content-Length: 58
Content-Type: application/json
Date: Tue, 20 Apr 2021 08:49:48 GMT
Server: waitress
Www-Authenticate: SharedSecret realm="Authentication Required"

my matrix-registration is running behind a nginx proxy with the following config snippet

location  ~ ^/(static|register|token) {
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_pass http://matrix-registration:5000;
}

[zeratax]

ehm @jahlives i guess you would forward api in nginx not token. also make sure the api shared secret is not set to the default, otherwise the api is disabled

[zeratax]

should be updated now, if nobody complains i'm going to close this issue soon

[jahlives]

@zeratax
also with this nginx block it does not work

location  ~ ^/(static|register|api|token) {
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_pass http://synapse-registration:5000;
    }

still getting 404 NOT FOUND even when using wrongpassword in curl call.

curl --head -H "Authorization: SharedSecret wrongpassword" http://10.66.66.16:5000/api/token
HTTP/1.1 404 NOT FOUND
Content-Length: 232
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Apr 2021 05:32:10 GMT
Server: waitress

if I just use token endpoint I'll get the expected auth required

curl --head -H "Authorization: SharedSecret wrongpassword" http://10.66.66.16:5000/token
HTTP/1.1 401 UNAUTHORIZED
Content-Length: 58
Content-Type: application/json
Date: Thu, 22 Apr 2021 05:32:04 GMT
Server: waitress
Www-Authenticate: SharedSecret realm="Authentication Required"

but using the correct password on token gives me the internal server error

curl --head -H "Authorization: SharedSecret correctpassword" http://10.66.66.16:5000/token
HTTP/1.1 500 INTERNAL SERVER ERROR
Content-Length: 290
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Apr 2021 05:34:16 GMT
Server: waitress

so for me it seems that api/tokendoes not exist in my container. API is up according to netstat -tunlp in container as port 5000 is bound to 0.0.0.0
Here is the snippet from my compose file

synapse-registration:
        build: ./app/synapse-registration
        container_name: matrix-registration
        networks: ["internal"]
        volumes:
            - "./configs/synapse-registration/config.yaml:/etc/config.yaml:ro"
            - "./configs/synapse-registration/register.html:/usr/local/lib/python3.9/site-packages/matrix_registration/templates/register.html:ro"
            - "./data/matrix-registration/:/data/"
        depends_on: ["synapse"]
        command: /bin/sh -c 'matrix-registration --config-path /etc/config.yaml serve'
        restart: unless-stopped

and in config.yaml the api password is set

[...]
admin_api_shared_secret: 'correctpassword'
base_url: ''
db: 'sqlite:///{cwd}/data/db.sqlite3'
filename: /data/m_reg.log
host: '0.0.0.0'
port: 5000
[...]

any hint is highly appreciated but atm I can live with that as I can manage tokens directly in the container.

docker exec -it 3d34a9e7b281 matrix-registration --config-path /etc/config.yaml status -l
ChanceBridgeJerome

But api access would be nicer ;-)
If you like you can close the issue

[jahlives]

@zeratax
omg how could I miss that??? :-)
I still had a matrix-registration instance running locally (not in docker) which was listening on port 5000. So my curls always talked to that instance instead of docker, let aside that the curls did not go via nginx proxy
curl it correctly gives me the expected answer, although still not on api/token but on token

curl -k -H "Authorization: SharedSecret correctpassword." https://10.66.66.16/token
[{"ex_date":null,"name":"ChanceBridgeJerome","one_time":false,"used":0,"valid":true}]

sorry for the noise I made, case closed now from my side (although I still wonder why api/token endpoint does not work)

[zeratax]

looks like you're not on the latest version. the api subdirectory was just last week introduced

[jahlives]

@zeratax
found why I have an old version: my Dockerfile installs matrix-registration via pip :-) Tried your image but then I get weird errors complaining that the cli arguments are not okay

matrix-registration     | Usage: matrix-registration [OPTIONS] COMMAND [ARGS]...
matrix-registration     | 
matrix-registration     |   a token based matrix registration app
matrix-registration     | 
matrix-registration     | Options:
matrix-registration     |   --config-path TEXT  specifies the config file to be used
matrix-registration     |   --version           Show the flask version
matrix-registration     |   -h, --help          Show this message and exit.
matrix-registration     | 
matrix-registration     | Commands:
matrix-registration     |   generate  generate new token
matrix-registration     |   serve     start api server
matrix-registration     |   status    view status or disable
matrix-registration exited with code 0

which makes no sense to me as the command to start is as follows

command: /bin/sh -c 'matrix-registration --config-path /etc/config.yaml serve'

in my docker-compose file. Also used the db update as described here: https://github.com/ZerataX/matrix-registration/releases/tag/v0.9.0 But the error remained. Went back to the pip version and it works

[zeratax]

hmm unsure what's going on with that dockerimage

[jahlives]

@zeratax

sorry to re-open this issue. But now seems that the version on pip updated as well. So I got my version updated today and it produces the same errors (regardless of pip or docker image directly)

registration            | 2021-05-26T14:20:49.003879113Z Usage: matrix-registration [OPTIONS] COMMAND [ARGS]...
registration            | 2021-05-26T14:20:49.003935786Z 
registration            | 2021-05-26T14:20:49.003952889Z   a token based matrix registration app
registration            | 2021-05-26T14:20:49.003966510Z 
registration            | 2021-05-26T14:20:49.003979523Z Options:
registration            | 2021-05-26T14:20:49.003992439Z   --config-path TEXT  specifies the config file to be used
registration            | 2021-05-26T14:20:49.004005534Z   --version           Show the flask version
registration            | 2021-05-26T14:20:49.004017721Z   -h, --help          Show this message and exit.

my command in docker-compose looks like this

[...]
volumes:
            - "./configs/synapse-registration/config.yaml:/etc/config.yaml:ro"
            - "./configs/synapse-registration/register.html:/usr/local/lib/python3.9/site-packages/matrix_registration/templates/register.html:ro"
            - "./data/matrix-registration/:/data/"
command: /bin/sh -c 'matrix-registration --config-path /etc/config.yaml serve'
[...]

so atm matrix-registration is completly broken for me

The only way that works for me is to change my Dockerfile for the build to install matrix-registration==0.8.0 from pip