Authentication errors after migrating to v7

This is a template you can use to report issues. You can also drag images, videos and include Preformatted text

Hello :)
We cannot authenticate on our forestadmin project since upgrade to v7 .
Everything working fine in dev mod
I guess we are doing something wrong ... :(

Access to fetch at 'https://admin.production.panopli.co/forest/authentication' from origin 'https://app.forestadmin.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Request URL: https://admin.production.panopli.co/forest/authentication
Referrer Policy: strict-origin-when-cross-origin
Provisional headers are shown
Content-Type: application/json; charset=utf-8
Referer: https://app.forestadmin.com/
sec-ch-ua: " Not;A Brand";v="99", "Google Chrome";v="91", "Chromium";v="91"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36


Request URL: https://admin.production.panopli.co/forest/authentication
Request Method: OPTIONS
Status Code: 502 
Remote Address: 34.95.84.11:443
Referrer Policy: strict-origin-when-cross-origin
alt-svc: clear
content-length: 332
content-type: text/html; charset=UTF-8
date: Mon, 12 Jul 2021 09:09:47 GMT
referrer-policy: no-referrer
:authority: admin.production.panopli.co
:method: OPTIONS
:path: /forest/authentication
:scheme: https
accept: */*
accept-encoding: gzip, deflate, br
accept-language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7
access-control-request-headers: content-type
access-control-request-method: POST
origin: https://app.forestadmin.com
referer: https://app.forestadmin.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36

Expected behavior

Please describe here the behavior you are expecting.

Actual behavior

What is the current behavior?

Failure Logs

Please include any relevant log snippets, if necessary.

Context

Please provide any relevant information about your setup.

• Package Version: 7.8.3
• Express Version: 4.17.19
• Sequelize Version:
• Database Dialect: mongo
• Database Version:
• Project Name: Panopli

Hello @Tom,

Thanks for your feedback!

Your browser is getting a 502 error for the request that it’s sending OPTIONS https://admin.production.panopli.co/forest/authentication

This request is the first one that is launched to your agent before anything else.

The 502 error indicates a “Bad gateway error”, meaning that your reverse proxy cannot access to your agent to redirect the request.

Can you first test if you can access this agent from your browser, at the addess https://admin.production.panopli.com? You should see " Your application is running!`. If it’s not the case, then I guess that something is wrong with your configuration.

Hello @GuillaumeGautreau
Indeed the admin.production.panopli.co isn’t accessible
Everything was fine in dev mod, any clues on what could break ?

Well i got errors on my gcp container logs
first i get flooded by
PM2 error: (node:1) Warning: Accessing non-existent property ‘to’ of module exports inside circular dependency

then

2021-07-12T09:56:30: PM2 error: TypeError [ERR_INVALID_ARG_TYPE]: The “data” argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received type number (1)

then i get the normal forestadmin logs

EDIT : well nevermind those logs also appears after we rolled back the migration , we can correctly log after rolled back

Hello, a 502 error indicates one of the following:

• Either your agent is not running
• Or it’s listening on a port that is not the one you configured in nginx/apache

I tested again to access your agent, and I don’t have the same error. Do you have the same error when trying to login in?

I rolled back to v5 to make it work ( we have a very old project )
The agent in v7 seems to init correctly as we get the welcome logs " Your admin panel is available here: https://app.forestadmin.com/projects" on my container logger.
Then i get 404 everytime i try to authenticate

Do you have the 404 error with the v7 or v5?

The v5 is working fine, i log in no pb .

The 404 occurs with v7

Ok, then the error is no more a 502 as it was at the beginning.

Now, I suppose that the OPTIONS request receives a valid response, but you get a 404 on /forest/session?

As you are modifying a production environment, you have to copy the file forestadmin-schema from the dev environment that you already migrated and that you validated.

This file contains a declaration of the version that is being used by the server, and this version is used to determine which endpoint to use when logging in (it changed in v7).

Hello , i apologize i was on holiday :slight_smile
We did not receive any OPTIONS .
Here’s my container logs wen i’m building the app

container1030×472 78.4 KB

The 502 from admin.production.panopli.co is from our load balancer ( it cannot find any healthy pod ).
I have no clue on what is going on . The V7 upgrade works fine on localhost, no error message and i can use the app.

Hello @Tom,

Can you open the developer tools in your browser, select the network tab and try to login to your agent?

Then, please share with us the details about the queries that are failing (request & response headers and content).

Thanks

Hello @GuillaumeGautreau

Documentlocalhost	
1 requests
465 B transferred
139 B resources
Finish: 13 ms
DOMContentLoaded: 260 ms
Load: 259 ms
Request URL: http://localhost:3000/
Request Method: GET
Status Code: 404 Not Found
Remote Address: [::1]:3000
Referrer Policy: strict-origin-when-cross-origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 139
Content-Security-Policy: default-src 'none'
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Jul 2021 10:04:47 GMT
Keep-Alive: timeout=5
Vary: Origin
X-Content-Type-Options: nosniff
X-Powered-By: Express
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7
Cache-Control: max-age=0
Connection: keep-alive
Cookie: _ga=GA1.1.2064795909.1594195069; nQ_cookieId=da041558-f2e1-15df-86f6-33055be93573; _scid=33b89df8-5876-456f-9779-f8f571edbf50; intercom-session-hf6w2yvr=ZmZBcThqNjI1R2ZVaE9iOXZPbnpmV1h0NE04WmtrR1V1cW80Z3J6c3F2aEpiZE9jYzZDNmpUeThDRG5RNUlNVy0tOEtZaWh4M1J3aDNxakRJUlF2b0JFUT09--39d1dc3c2423671b40c04555930543e1cdb8d4d0
Host: localhost:3000
sec-ch-ua: " Not;A Brand";v="99", "Google Chrome";v="91", "Chromium";v="91"
sec-ch-ua-mobile: ?0
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36

And the response

Cannot GET /

Hello @Tom,

Did you create a new application targetting MongoDB, or did you add the forestadmin-mongoose package to an existing app?

I’m not sure of what you’r asking me .
We have an “old” project ( i guess we start on V2 ) . We are currently on V5 ( i rolled back the V7 update )

Ok, then the route / is probably not defined on the backend. As you get a 404 error, it means that a backend is correctly responding.

Now, let’s move on to the next topic: authentication.

Can you please open the right environment on your project, in your browser, open the developer tools and identify the requests that are failing during the authentication?

Hello again Sorry for late response . Thank you for your help @GuillaumeGautreau , it was actually an healtcheck issue , we were trying on / and we get no reponses ( as it wasn’t define on the backend) . Changing the healtcheck url on our side solve the problem
Have a nice day