New gitit users cannot log in after creating an account

Question

New gitit users cannot log in after creating an account

Closed this issue 3 years ago · 12 comments

This is with 8063ea9 and with Chrome Version 94.0.4606.61 (Official Build) (64-bit)

Steps to reproduce:

Be on windows 10
Get debian from Windows Store (follow instructions for WSL2 setup)
get into wsl debian
sudo apt install -y git haskell-stack
cd; git clone https://jgm/gitit
cd gitit; stack install
mkdir ~/testgitit; cd ~/testgitit
gitit --print-default-config > my.conf
gitit -f my.conf
browse to http://localhost:5001
on Front page: click 'edit'
on Login page: click 'click here to get one'
fill in form (with real email address)
right-click password field, select 'Suggest Password...', click 'Use suggested password'.
click Register
now back at Login page, username/password are prefilled by chrome, click Login
nothing happens - still on Login page, still pre-filled, no error messages and not logged in.
back to front page by clicking the dog, clicking 'login / get an account', then click login button -> back to front page, NOT logged in.

There's no sent email with an account verification link, and no error message either. Nothing is in the log file apart from the 7 Created/Added lines.

Making it save password reset emails locally:

cat <<EF > fakemail
#!/bin/bash
cat > ~/fakemail
EF
chmod +x fakemail
cat my.conf | sed 's/sendmail/.\/fakemail/' > fm.conf
gitit -f fm.conf

And now at least the reset URL email can be seen with cat ~/fakemail, but repeating account generation does not put an account creation email there.

What's going on? There's a line in gitit-users, and I can ask for a password regeneration and use the link to change the password, but I still can't log in.

Answer 1 · 2021-10-03T16:32:12.000Z

Not sure. Have you tried with older releases? Is this a regression?

Answer 2 · 2021-10-11T21:12:02.000Z

I'm also having this issue on Windows 10 / WSL2.

Answer 3 · 2021-10-11T21:18:03.000Z

@Daedalus359 Please indicate what version you're using, and how you built/installed it.

Answer 4 · 2021-10-11T21:28:53.000Z

gitit version 0.15.0.0

Installed via stack according to gitit's Hackage readme:

git clone https://github.com/jgm/gitit
cd gitit
stack install

This was within my WSL2 instance, which is Ubuntu 20.04 from the Microsoft store.

Edit: I'm planning to try this on a native Linux computer next weekend, so I can report back if there's any reason to think WSL2 could be the issue.

Edit 2: Following up on the plans mentioned above - my new computer is a Raspberry Pi 4, and I didn't realize there was a relative lack of support for Stack or the Haskell Platform on that architecture. As a result, I unfortunately won't be able to try gitit anywhere else for now.

Answer 5 · 2021-11-01T02:03:56.000Z

I can confirm this issue also appearing on linux natively. System here is:

NAME=NixOS
ID=nixos
VERSION="21.11 (Porcupine)"
VERSION_CODENAME=porcupine
VERSION_ID="21.11"
BUILD_ID="21.11pre326545.9303cc04458"
PRETTY_NAME="NixOS 21.11 (Porcupine)"
LOGO="nix-snowflake"
HOME_URL="https://nixos.org/"
DOCUMENTATION_URL="https://nixos.org/learn.html"
SUPPORT_URL="https://nixos.org/community.html"
BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues"

Methods tried were:

Using a nix-shell -p haskellPackages.gitit command to get a shell with a gitit fetched from cache
Running cabal install gitit and running the executable from the cabal binary directory.

Thank you for your time.

Answer 6 · 2021-12-10T17:04:31.000Z

Confirming that the login issue is also present on OpenBSD 7.0 / GHC 8.10.6 with gitit installed either via cabal install gitit or by cloning the repo (b03c78e) and cabal install per the README.

Creating account works correctly and shows up in gitit-users
Logging in with the correct password redirects to the Front Page, with "Login / Get an Account" still in the upper right
Creating or editing a page shows the author as "Anonymous" instead of the user
The only cookie set is "sid", value "SessionKey%20336540901", with an expiry one hour in the future
Same behavior with Firefox or a Chromium-based browser, normal or private mode

Answer 7 · 2021-12-10T18:48:09.000Z

Yes, I see this too with a fresh install (on macos -- apparently this is not os-specific).
Not sure when this stopped working or why, but I'll look into it a bit.

Answer 8 · 2021-12-10T20:04:59.000Z

Lab note: with some tracing, I can see that in withUserFromSession, getSession is returning Nothing. Even though the cookie is being set, we're getting pSessionKey = Nothing in params.
Note: the value of the cookie is SessionKey%20336540901 (as noted above, number will differ). Perhaps we've got an issue here involving FromReqURI for SessionKey. Looking at the code, it seems that it is expecting just a number, not SessionKey number.

Answer 9 · 2021-12-10T20:23:22.000Z

Think I've got it figured out.

Answer 10 · 2021-12-10T20:24:35.000Z

This was a regression introduced by 111a2f1 (Aug 11 2021) which made SessionKey a newtype. This changed its Show instance and broke the session cookie reading code. My fault, sorry!

Answer 11 · 2021-12-10T20:30:27.000Z

This should be fixed by e27bd3f
Testing would be welcome!
And then I can make a new release.

Answer 12 · 2021-12-10T22:31:42.000Z

Working perfectly with e27bd3f, thanks very much for the quick fix!