Unable to authenticate you Please verify that your admin backend is correctly configured and running

This is a template you can use to report issues. You can also drag images, videos and include Preformatted text

Should be able to reach admin panel after successful setup

Please describe here the behavior you are expecting.

I created a new project, using Ruby on Rails as the datasource. I followed instructions, added gem, migrated, dev:cache, and started server. Everything went smoothly, but once on the admin panel, I am getting the following message:

" Unable to authenticate you
Please verify that your admin backend is correctly configured and running."

What is the current behavior?

no logs

Please include any relevant log snippets, if necessary.

Context

Please provide any relevant information about your setup.

rails 6.1

1 Like

Hi @muz :wave:t3:

Without any backtrace or console errors, it will be a little difficult to identify the culprit. Are you using a wild card value ‘*’ for your Access-Control-Allow-Origin using the rack cors gem? If that’s the case it might be conflicting with the forest_liana configuration.

My best guess is this is the issue. Another user has encountered it previously and it has been solved by the tech team on this community thread. You can also take a look at this section in the docs to configure your CORS headers.

Feel free to send our way any error from the backtraces/or browser console logs so we can get to the bottom of this for you.

Cheers,

Hi @ziad, thanks for the reply, much appreciated!

We are using a wild card value for Access-Control-Allow-Origin, so as suggested, so added this to config/application.rb

For Rails 5, use the class Rack::Cors. For Rails 4, you MUST use the string ‘Rack::Cors’.

config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins 'app.forestadmin.com'
    resource '*', headers: :any, methods: :any,
    expose: ['Content-Disposition'],
    credentials: true
  end
end

But still getting the same error.
Here is the browser console error.
domPolicy
{…}

cascaded: false

navigationURL: “http://app.forestadmin.com/PROJECT

permissions: Object { capabilities: (10) […], temp: true }

: Object { … }
sandbox eval code:14:19
Cannot register variant_records because forest-active-storage–variant-record model does not exists. vendor-19fc41a7234d5f2504fa2c1636572491.js:20254:59
Forest Admin :evergreen_tree: Failed to start Drift tracking. vendor-19fc41a7234d5f2504fa2c1636572491.js:20254:59

Thanks again for your help!

Hi @ziad

Here is a better console error (using chromium)

Access to fetch at ‘http://localhost:3000/forest/authentication’ from origin ‘http://app.forestadmin.com’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.

Thanks!

Hi @muz :wave: welcome to our community.
Which version of rails do you use?

Same here, we are locked out of our forest.

rails 6.0.3.4
forest_liana 6.0.2

cors.rb

Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins 'app.forestadmin.com'
    resource '*', headers: :any, methods: :any, expose: ['Content-Disposition'], credentials: true
  end

  allow do
    origins '*'
    resource '*', headers: :any, methods: :any, expose: ['Content-Disposition']
  end
end

We have experienced some issues on login with the forest_liana: < 6.0.3 can you try with this version please and back to me? :pray:

With what version exactly?

Edit: we tested with gem ‘forest_liana’, ‘< 6.0.3’

forest_liana (6.0.2)
      arel-helpers
      bcrypt
      groupdate (= 2.5.2)
      httparty
      ipaddress
      json
      json-jwt
      jsonapi-serializers (>= 0.14.0)
      jwt
      openid_connect
      rack-cors
      rails (>= 4.0)
      useragent

still the same message

Hi @Arnaud_Moncel

We are using Rails version 6.1.1

@Arnaud_Moncel

I installed forest_liana version 6.0.3 yesterday on two separate Rails projects: One using Rails version 6.1.0, and the second 6.1.1

The 6.1.0 worked perfectly, but having issues with 6.1.1. They are two completely different apps though, where the 6.1.1 app has the ‘rack-cors’ gem installed, while the 6.1.0 does not.

Is there another forest_liana gem version greater than the 6.0.3 that we should try?

Thanks!

Sorry @sayduck-daniel I mean can you try with the ‘forest_liana’: ‘6.0.3’ version.

forest_liana (6.0.3)
      arel-helpers
      bcrypt
      groupdate (= 2.5.2)
      httparty
      ipaddress
      json
      json-jwt
      jsonapi-serializers (>= 0.14.0)
      jwt
      openid_connect
      rack-cors
      rails (>= 4.0)
      useragent

Thank for your precision we will try to reproduce your issue.

I don’t know if this is relevant but when running rails g forest_liana:install XXXX this was the output where there was an existing secrets.yml file, even if it was empty:

Running via Spring preloader in process 11312
       route  mount ForestLiana::Engine => '/forest'

Forest generated a random authentication secret to secure the data access of your local project.
You can change it at any time in your config/secrets.yml file.

      insert  config/secrets.yml
File unchanged! The supplied flag value not found!  config/secrets.yml
      insert  config/secrets.yml
 initializer  forest_liana.rb

Still not.

    forest_liana (6.0.3)

Unfortunately now both projects are not working. One was working last night, but now getting the same error.

Rails 6.1.3
Rails 6.1.1 (was working last night)

Edit:

My mistake: The one that was working last night (Rails 6.1.1, no separate rack-cors gem) still works. It was an error on my end. The other one still doesn’t though.

Hello @muz, can you confirm that it is still a problem with the CORS? As you tried several things I prefer to be sure.

Can you share a screenshot of the request headers sent to the CORS request that fails?

forest_admin-2021-03-05 10-08-59

In the network tab, can you find the query that causes the issue and share with us as much details about the CORS request and the response?

We need the request and response headers, and the response body.

I had the same issue and found a way to make it work using the new CORS configuration mentioned in the Upgrade to v6 - Documentation

Basically, I added the snippet below in my application.rb :

null_regex = Regexp.new(/\Anull\z/)

    config.middleware.insert_before 0, Rack::Cors do
      allow do
        hostnames = [null_regex, 'localhost:4200', 'app.forestadmin.com', 'localhost:3001']
        hostnames += ENV['CORS_ORIGINS'].split(',') if ENV['CORS_ORIGINS']

        origins hostnames
        resource '*',
          headers: :any,
          methods: :any,
          expose: ['Content-Disposition'],
          credentials: true
      end
    end