Local Dev: can't login to Hamlet

[shaunanoordin]

General Issue

As of: 4169133

At the moment, it's impossible to login to Hamlet on local development. The problem only affects local development, not production.

The "it's working" path, on production

1. Open hamlet.zooniverse.org, preferably in an incognito/private window
2. This will redirect you to /accounts/login on Hamlet, and the page will say you're not logged in.
3. Click on the button to Login.
4. This will redirect you to the Panoptes Sign In page (production)
5. Type in your login details, then login.
6. You will be briefly redirected back to Hamlet's /complete/zooniverse path, then redirected back to hamlet.zooniverse.org
7. You will now see the Hamlet home page, and you'll be logged in ✅

The "it's borked" path, on local developmet

1. Run Hamlet on localhost, Docker. Open http://localhost:8080 (HTTP, not HTTPS!)
2. (same as step 2 above)
3. (same as step 3 above)
4. (same as above)
5. (same as above)
6. ❌ Instead of being redirected back to Hamlet, you'll see a generic error page on the Zooniverse oauth page(e.g. https://www.zooniverse.org/oauth/authorize?client_id=&redirect_uri=...)

• Error message is: "We're sorry, but something went wrong. If you are the application owner check the logs for more information."

Also, not sure if this is related, but on the local Hamlet (bash) console logs, I see...

app_1       | ERROR:django.server:You're accessing the development server over HTTPS, but it only supports HTTP.
app_1       | 
app_1       | code 400, message Bad request version ('\x08http/1.1ÿ\x01\x00\x01\x00\x00\x1b\x00\x03\x02\x00\x02\x00#\x00\x00\x00\x17\x00\x00\x00+\x00\x07\x06\x1a\x1a\x03\x04\x03\x03\x00-\x00\x02\x01\x01Di\x00\x05\x00\x03\x02h2\x00\x12\x00\x00\x00')
app_1       | INFO:django.server:code 400, message Bad request version ('\x08http/1.1ÿ\x01\x00\x01\x00\x00\x1b\x00\x03\x02\x00\x02\x00#\x00\x00\x00\x17\x00\x00\x00+\x00\x07\x06\x1a\x1a\x03\x04\x03\x03\x00-\x00\x02\x01\x01Di\x00\x05\x00\x03\x02h2\x00\x12\x00\x00\x00')
app_1       | You're accessing the development server over HTTPS, but it only supports HTTP. 

Status

Not urgent nor a high priority, as this is only affecting local development and not production.

However, this issue is absolutely preventing any further development of Hamlet, so should be addressed when possible.

Possible next steps:

• Check Panoptes logs for error messages. (I have no idea how to access this)
• Is the Panoptes redirect-back-to-Hamlet failing because the Django server is on http, whereas Panoptes expects https? It may be worth looking into enabling https for local development - I'm looking in this.

[shaunanoordin]

Investigation Update

This issue has now been solved!

The problem:

• My hamlet application was missing the PANOPTES_APPLICATION_ID and PANOPTES_SECRET env variables
• This resulted in the "Login" button redirecting users to the Panoptes oAuth login, but the oAuth login didn't actually have sufficient data.

The solution:

• Go to Panoptes's oAuth applications list, find the Hamlet app, and copy the Application ID and Secret
• Add these to your local development Docker's environment variables, as PANOPTES_APPLICATION_ID and PANOPTES_SECRET
  • This can be done easily by creating a .env file in the root folder of your hamlet repo.

Further actions required:

• The README needs to be updated to account for this solution.

Special thanks to Michelle for pointing out what the problem was!