All my datas are not accessible because Forest Admin refuses me the access after having repeated my password
Observed behavior
When I try to access my FA table, I log in as usual by entering my authentication information (mail+pw), which are valid and allow me to access my project choices. When I choose my project and try to access it, FA asks me to confirm my password, which I do by entering my password (the same one that allowed me to access the list of my projects) but FA refuses me access with the error message “Your password is incorrect, please try again.”
On our side, we have no errors on the server and have not made any recent changes.
However, we have a 401 error on the authentication request with : {"errors":[{"status":401, "detail": "Forest cannot authenticate the user for this request.", "name": "Unauthorized"}]}
This problem has happened to me in the past but it was solved by itself after one or two days max. This time, I have been denied access for almost a week!
Expected behavior
Re-access the FA panel of my project.
Failure Logs
Context
Project name: Yonkt
Team name: Operations
Environment name: Production
Agent type & version: “forest-express”: “^8.7.1",
“forest-express-mongoose”: “^7.8.1",
In our system, your agent is known as having the version 6.3.6, and in your description you are pointing that your agent is running version 7.8.1.
The problem you are describing comes from a version mismatch because with version 7+ we changed the authentication protocol, allowing not to type your password a second time.
It could be 2 different reasons for this to happen:
If you have multiple instances running of your agent, pointing to the same FOREST_ENVIRONMENT_SECRET, one with the old version, the other with the new version
If you recently made the change in your production, but did not update the forest-schema file. This can happen on production environments because schema files are not regenerated automatically in production.
Yes sorry, there is an error in the post concerning the versions used.
We have only one server and it uses forest-express-mongoose: ^8.7.6 for some time now and we have made absolutely no changes to our app since
Ok, can you please share with us the meta key inside the .forestadmin-schema.json file of your server?
I’d like to check that the version here is correct.
Your forestadmin-schema indicates that the server is correctly configured with the version 8.7.6.
Can you confirm that this file is the one present on your production server, and not coming from your development environment?
On our side, we suspect that you have 2 servers running at the same time, one on the old version and another on the new version, and sharing the same FOREST_ENV_SECRET because we recorded:
A new version (v8.7.6) sent to our servers August the 27th
An old version (v6.3.6) sent to our servers November the 27th
Yes I confirm that our only production server is on the right version !
I think that when you talk about 2 servers running at the same time, that it was probably our staging version that was not up to date but we disabled it.
I had checked by connecting directly to the server.
Have you found a way to solve this problem?
This is starting to last for a long time and has seriously impacted the users of the services… Is there really no solution so that I can regain access to my project?
There is a server on your side that is sending old info on a regular basis. We received 2 versions of your production environment, meaning that 2 different servers share the same FOREST_ENV_SECRET. On our side we cannot “force” the right version because you have something that is messing up with the config.
My suggestion, to fix this issue is to change the value of FOREST_ENV_SECRET of your production environment, and update the config on your production server.
Unfortunately, that’s not something you can do on your side. So let me know when you want to proceed to the change, and I’ll send you the new value in a secured way.
Once received, you’ll have to update the configuration of your server that is responding to the url yonkt.herokuapp.com which is your production environment, and restart it.
Let me know if it’s OK for you.
If it’s not enough, we can schedule a call in order to figure it out.
I sent an email to a user identified as administrator on your project with the instructions. Please confirm by email that you’re ok with the change, and copy the value I sent you. I’ll make the change as soon as I have your confirmation.
Once I’ll make the change, you’ll need to restart your production server.