~migadu/alps#153: 
login-key doesn't preserve logins over restart

Steps to reproduce:

  • Generate a key for the -login-key option. I've submitted a patch to add documentation here (https://lists.sr.ht/~migadu/alps-devel/patches/23601)
  • Start alps using the -login-key option.
  • Login in my browser.
  • Restart alps ensuring the same -login-key is specified.
  • Reload the page in my browser.

Expected behaviour:

  • Page loads and I'm still logged in.

Actual behaviour:

  • I am redirected to the login screen.

Notes: Since this option appears to be undocumented, perhaps it simply isn't finished and tested yet. I can do some further investigation later.

Status
RESOLVED FIXED
Submitter
~mfashby
Assigned to
No-one
Submitted
1 year, 7 months ago
Updated
1 year, 7 months ago
Labels
No labels applied.

~emersion 1 year, 7 months ago

Anything in the server logs?

~mfashby 1 year, 7 months ago

Turned debug logging on and tried again, nothing interesting I can see.

2021-07-04T13:56:32Z - Configured upstream IMAP server: <mail server>
2021-07-04T13:56:32Z - Configured upstream SMTP server: <mail server>
2021-07-04T13:56:32Z - Loaded plugin "base"
2021-07-04T13:56:32Z - Loaded plugin "viewhtml"
2021-07-04T13:56:32Z - Loaded plugin "viewtext"
2021-07-04T13:56:32Z - Loading theme "alps"
2021-07-04T13:56:32Z - Loading theme "sourcehut"
⇨ http server started on 0.0.0.0:1323
2021-07-04T13:56:35Z method=GET, uri=/login?next=%2Fmailbox%2FINBOX, status=200

Will do some more digging.

~mfashby 1 year, 7 months ago

I added some logging, seems the cookie is getting lost somehow. Logging:

@@ -315,6 +315,11 @@ func (ctx *Context) SetLoginToken(username, password string) {
 func (ctx *Context) GetLoginToken() (string, string) {
        cookie, err := ctx.Cookie(loginTokenCookieName)
        if err != nil || cookie == nil {
+               if err != nil {
+                       log.Println(err)
+               } else {
+                       log.Println("cookie is null")
+               }
                return "", ""
        }

Result:

⇨ http server started on 0.0.0.0:1323
2021/07/04 14:07:47 http: named cookie not present

~mfashby 1 year, 7 months ago

I thought it might be the reverse proxy, but it's much simpler than that:

The loginToken cookie is only set if the 'remember me' checkbox is ticked on the login page. This checkbox is only present in the 'alps' theme, not the base or sourcehut themes.

It should probably be added to those themes I guess.

Separately, the alps theme crashes when it tries to load my inbox, but another issue should be raised for that probably.

~mfashby REPORTED FIXED 1 year, 7 months ago

Closing; this works as expected and I've submitted a patch to clarify the documentation (thanks for accepting)

I'll open separate tickets for subsequent issues.

Register here or Log in to comment, or comment via email.