passwordcockpit / passwordcockpit Goto Github PK

Hi, after successful login in self-hosted app in docker I get error on every endpoint.

{"title":"Internal Server Error","type":"https://httpstatus.es/500","status":500,"detail":"An unknown error occurred."}

On local docker it's working good, but on server not. In logs I don't have any useful information, even after set dosplay_errors "On" in php.ini.

[16/Mar/2023:11:34:50 +0000] "GET /api/v1/users/1/permissions HTTP/1.1" 500 506 "http://<hostname>/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36"

PASSWORDCOCKPIT_SSL is disable,
PASSWORDCOCKPIT_DEBUG is true,
PASSWORDCOCKPIT_AUTHENTICATION_TYPE is password,
PASSWORDCOCKPIT_BLOCK_CIPHER_KEY is supersecretkey,
PASSWORDCOCKPIT_AUTHENTICATION_SECRET_KEY is authenticationsecretkey.

I don't know where to search next...

Error Message received after Installation:
{"status":401,"title":"Unauthorized","type":"https://httpstatuses.com/401","detail":"Token not found."}

Precedure used as described in README @ URL https://github.com/passwordcockpit/passwordcockpit/tree/master/develop:
cd frontend
git checkout origin master
cd ..
cd backend
git checkout origin master
docker-compose restart passwordcockpit_frontend

Further: in README its written => "After that, go to [YOUR-IP]:4200. If everything went correctly, there should be a login page."
Shouldn't that be => "After that, go to [YOUR-IP]:4344. If everything went correctly, there should be a login page." ? My fault so striked through.

Some people may change this Port to 443 standard https port.
But anyhow its not working.

Kind regards.

The button to add new password doesn't show even if I have full privileges

When you click "+" to create a new folder make the enter button do the same as "Add".

Hi this may not be an issue, but I am just checking if there is a way to have a context root to the site, e.g. http://localhost/passwordcockpit

Use Google Docs Consolas

Description:
Password gets visible when clicking "copy to clipboard".
This is not how it should be.

Possible reason:
When clicking the "copy to clipboard" Button, Google Chrome automatically selects the illegible password and so the password does become visible.

Expected result:
Password still not visible on "copy to clipbloard". It should be possible to copy a password to clipboard without making it visible on the screen.

This happens in Midori,Firefox and Chrome...

Needs fix.
Thank you.

Elements are overlapped when the screen is small

Add an attribute in docker-compose.yml to active the development mode.

Simply in config/autoload/mezzio.global.php change 'debug' => false, to 'debug' => true,

"Cannot assign Laminas\Db\Sql\Ddl\Column\Datetime to property Password\Api\V1\Entity\Password::$lastModificationDate of type ?DateTime"

Add a select to the right of the name that allows you to change the language.
You probably need to add an endpoint that allows you to change only the language and not all user data.
This feature can remain enabled even if LDAP is disabled.

When creating a new folder inside of an existing folder, the latter should automatically expand in order to show the newly created folder.

Add a box after logs with the list of accessible folders.
Display a table with 2 columns: the name of the folder and the access rights (read or edit)

Below is an example of the curl generated by Swagger when attempting to test the REST API:

curl -X GET "https://https://localhost/api/v1/folders" -H "accept: application/json"

The environment variable "PASSWORDCOCKPIT_BASEHOST" must have either "http://" or "https://" due to how its being used elsewhere in the entrypoint.sh script. However, since the variable is configured in Swagger.json and Swagger also appends a network protocol via a form selector, the network protocol ends up being included twice.

 "host": "https://localhost",
    "basePath": "/api",
    "schemes": [
        "http",
        "https"
    ]

Most likely need a separate environment variable for just the FQDN or IP address.

To reproduce:

• disable LDAP
• create a new user without password
• An error appears in the popup not translated

When creating an user with LDAP enabled the password must be disabled, so it must allow NULL.
Check also that at login if password = null you should NOT be able to login (This is to prevent you from accidentally disabling LDAP everyone can login)

Replace creation of config/autoload/ local files with list file with list with getEnv

An error appears in the console when the user is logged and he navigates to login page

Add a column before "Password's title" of the password named "Folder name".
Add the name of the folder.

It seems that this problem appears with all languages when inserting a single character in the title field when creating a new password

e.g.:

$stdout = fopen('php://stderr', 'w');
fwrite($stdout, $logText);

Add the stacktrace too. If it's to long create an application.log

Hi,

I can't connect users when ldap backend is configured, all I've got is the red pop-up (Error, Wrong username or password).
These are the parameters that I added to docker-compose.yml :
PASSWORDCOCKPIT_AUTHENTICATION_TYPE: ldap PASSWORDCOCKPIT_LDAP_HOST: ip.address.of.dc PASSWORDCOCKPIT_LDAP_PORT: 389 PASSWORDCOCKPIT_LDAP_USERNAME: uid-name,CN=user,OU=OU,DC=domain,DC=com PASSWORDCOCKPIT_LDAP_PASSWORD: my_password PASSWORDCOCKPIT_LDAP_BASEDN: OU=OU,DC=domain,DC=com PASSWORDCOCKPIT_LDAP_ACCOUNTFILTERFORMAT: (&(memberOf=CN=group,OU=OU,DC=domain,DC=com)(uid=%s)) PASSWORDCOCKPIT_LDAP_BINDREQUIRESDN: 'false' (I tested both without luck)
Do you have any hint to help me configure ldap connection?

Does the default admin work if ldap is configured? Which user is the admin?

Thank you in advance.
Mathieu

Endpoint /passwords?q=searchField.

It returns 500 internal server error when searching a word that appears in a saved element which has no password or username.

Is there a hidden option to enable LDAP Start TLS?
If yes could you add it to the docs?

ember build -p
without
SRI: { enabled: false, },

in ember-cli-build.js calculates an integrity check for js and css files that are linked in index.html.
This doesn't allow you to change the js and css code after the build, so you can't change the host in the container.

To put back the functionality find the way to calculate and add the integrity with the entrypoint

This was done to create the image in docker.

Specifications: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity

Hi folks,

it is not possible to change the following username and/or passwords in docker-compose.yml for
image: passwordcockpit/passwordcockpit:1.2.2-php-7.3-apache

Changing one of the following will result in connection errors:

•         PASSWORDCOCKPIT_DATABASE_USERNAME: passwordcockpit_db_usr
  

•         PASSWORDCOCKPIT_DATABASE_PASSWORD: password
  

  • MYSQL_ROOT_PASSWORD=root_password

•         - MYSQL_USER=passwordcockpit_db_usr
  

•         - MYSQL_PASSWORD=password
  

Suggestion:
If they are not intended to get changed by Sys-Admin, than there should be a comment or variables should be removed (or commented) from docker-compose.yml and some info in documentation is appreciated.

Thank you and kind regards!
Raphael

Hello!
I installed the docker version of this application, everything is fine except of the file upload, when I try to attach any type of file to the password entry they get Mime type error message. I tried to modify the .htaccess file and added the requested types but does not impacted to the behaviour. Please help were I'm doing wrong.

Thanks a lot,
BR
Megyo

Eg: Password 496 (name of the password) deleted

Solution:
when PASSWORDCOCKPIT_SSL: disabled, the entrypoint have to add in config/autoload/authentication.local.php the IP like relaxed, e.g.
'relaxed' => ['10.0.0.1']

and modify JwtAuthenticationFactory to read the parameter 'relaxed'

I installed passwordcockpit following the instruction on a LXC in a Proxmox hypervisor. However, neither "admin" "Admin123!" and "user" "User123!" grant me access to the service. Any combination of username and password will return the same "undifined error". Would anyone know what cause the problem?