Comments (11)
I'm having the same issues, but I'm running it as a docker container.
Downgrading to 3.1.1 fixes the issue for now.
from leantime.
Are you running Leantime behind a proxy?
We hardened our session management and part of the hash now includes HTTP_HOST and the IP address from which the request originated. If those things change you will be logged out.
Additionally, the cookie sameSite parameter was set to "Strict".
Can you check if there are any errors in logs/error.log? If there is a session mismatch (client IP + HTTP_HOST) there will be entries stating: "failed ip and host check"
from leantime.
I'm not using Docker with a reverse proxy. Just PHP-FPM 8.1 and Nginx. My Nginx config looks like this:
```nginx
# Redirect plain HTTP to HTTPS
server {
    listen 80;
    listen [::]:80;
    server_name projects.mydomain.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name projects.mydomain.com;
    set $base /path/to/projects.mydomain.com/www;
    root $base/public;

    error_log /path/to/projects.mydomain.com/log/error.log;
    access_log /path/to/projects.mydomain.com/log/access.log;

    ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    # index.php
    index index.php;

    # dot escaped so only paths ending in ".php" reach PHP-FPM
    location ~ \.php$ {
        # 404
        try_files $fastcgi_script_name =404;

        # default fastcgi_params
        include fastcgi_params;

        # fastcgi settings
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        fastcgi_buffers 8 16k;
        fastcgi_buffer_size 32k;

        # fastcgi params
        fastcgi_param DOCUMENT_ROOT $realpath_root;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/";
    }

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # additional config
    # favicon.ico
    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    # robots.txt
    location = /robots.txt {
        log_not_found off;
        access_log off;
    }

    # assets, media
    location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
        expires 7d;
        access_log off;
    }

    # svg, fonts
    location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
        add_header Access-Control-Allow-Origin "*";
        expires 7d;
        access_log off;
    }

    # gzip
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
}
```
from leantime.
I thought maybe it was Cloudflare or my floating IP, but I've tried disabling proxying and even just putting the direct IP of the server in my local hosts file. Makes no difference.
from leantime.
I have tried installing this and running this all the ways the documentation instructs, even using panels like Cloudron, and other devs to help me with this. The login bugs out and I am unable to get in. I use Cloudflare and even changing those settings didn't help.
After logging in, this is immediately what pops up. After you sign in again, it just goes back to the main login page.
![Screenshot 2024-04-30 at 11 29 10 AM](https://private-user-images.githubusercontent.com/133275670/326901252-b00dc48d-96d4-4eac-8678-26e7af4610dc.png)
from leantime.
I reinstalled with 3.1.3 and the issue is resolved. Thanks!
from leantime.
Glad that fixed it. My guess is that HTTP_HOST is not set under some circumstances or potentially changes, which is why it was resetting the session. I am now using SERVER_NAME as backup in case HTTP_HOST is not set.
from leantime.
@marcelfolaron What is the expected way to resolve this for Docker and reverse proxies? I didn't see any new instructions for configuration. I'm tagging you because I didn't want to create a new issue.
I've got traffic coming through Cloudflare and then Traefik to the Leantime Docker container.
Attempted running latest as of today, 3.1.4, 3.1.3, 3.1.2.
Downgrading to 3.1.1 does resolve the issue for me.
from leantime.
Maybe this isn't what you are looking for, but after passing through Cloudflare, Traefik, and Authentik here are some ideas regarding the headers that are making their way to Leantime.
Notable headers:
- IP: Some Docker Container IP 172.x.x.x
- RemoteAddr: Docker Router 172.x.x.1
- Cf-Connecting-Ip: Real IP - From Cloudflare
- X-Forwarded-For: 172.x.x.x Docker Client Same as X-Real-IP
- X-Real-Ip: 172.x.x.x
from leantime.
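The session binding described in this thread (a hash over HTTP_HOST and the client IP, with SERVER_NAME as the fallback), sketched as an added example that is not Leantime's code, to show why a changing proxy address resets the session and how resolving the client IP from a forwarded header only for trusted peers avoids that. The function names, the HMAC construction, the choice of `Cf-Connecting-Ip` as the header, and all addresses and the secret are assumptions made for the illustration; it also assumes the proxy is reachable only through Cloudflare, so that header cannot be set by clients.

```php
<?php
declare(strict_types=1);

// Added illustration with hypothetical names; not Leantime's implementation.

/** Client IP: honour the forwarded header only when the direct peer is a trusted proxy. */
function clientIp(array $server, array $trustedPeers, string $header): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    $forwarded = trim($server[$header] ?? '');
    if (in_array($peer, $trustedPeers, true) && filter_var($forwarded, FILTER_VALIDATE_IP) !== false) {
        return $forwarded;
    }
    return $peer; // untrusted peer or no valid header: a client-supplied header is ignored
}

/** Fingerprint over host + client IP; SERVER_NAME is the fallback when HTTP_HOST is unset. */
function fingerprint(array $server, array $trustedPeers, string $header, string $secret): string
{
    $host = strtolower($server['HTTP_HOST'] ?? $server['SERVER_NAME'] ?? '');
    return hash_hmac('sha256', $host . '|' . clientIp($server, $trustedPeers, $header), $secret);
}

// Constructed requests: same browser, served through two different proxy containers.
$login = ['HTTP_HOST' => 'projects.example.test', 'REMOTE_ADDR' => '172.18.0.5',
          'HTTP_CF_CONNECTING_IP' => '203.0.113.7'];
$next  = ['HTTP_HOST' => 'projects.example.test', 'REMOTE_ADDR' => '172.18.0.9',
          'HTTP_CF_CONNECTING_IP' => '203.0.113.7'];
// Constructed request: a direct, untrusted peer supplying the same header itself.
$spoof = ['HTTP_HOST' => 'projects.example.test', 'REMOTE_ADDR' => '198.51.100.20',
          'HTTP_CF_CONNECTING_IP' => '203.0.113.7'];

$secret  = 'constructed-demo-secret';
$header  = 'HTTP_CF_CONNECTING_IP';
$proxies = ['172.18.0.5', '172.18.0.9']; // constructed proxy container addresses

// No proxy awareness: the peer address changed, so the fingerprint changes and the session resets.
$naive = hash_equals(fingerprint($login, [], $header, $secret), fingerprint($next, [], $header, $secret));
// Proxy aware: both requests resolve to the same forwarded address, so the session survives.
$aware = hash_equals(fingerprint($login, $proxies, $header, $secret), fingerprint($next, $proxies, $header, $secret));
// A header from an untrusted peer is ignored, so it cannot reproduce the logged-in client's fingerprint.
$spoofed = hash_equals(fingerprint($login, $proxies, $header, $secret), fingerprint($spoof, $proxies, $header, $secret));

var_dump($naive, $aware, $spoofed);
```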