ledgersmb/LedgerSMB

`setup.pl` - Clicking create button causes ``Bad request: CSRF token failure``

Closed this issue · 11 comments

Version

1.11.18-dev

What browsers are you seeing the problem on?

No response

What happened?

I'm running a modified docker image on Digitalocean's App Platform based on the code at commit 0bcd809: https://gist.github.com/walidmujahid/db362783268147b3c3259be33dc76d1f

I was trying to set up a company through setup.pl; however, when I click the create button, I get a Bad request: CSRF token failure.

This issue happened to me also when I initially tested with the docker hub ledgersmb/ledgersmb:1.11.17 image without nginx.

What should have happened?

I was expecting to be able to set up the company after clicking the create button.

As a workaround, the login button also creates a new company when you try to log into a nonexistent database.

@ehuelsmann I think perhaps due to my using Digitalocean's managed databases, that's not much of an option (I'm not 100% sure). When I try logging in with a database I didn't create through the digitalocean dashboard, I get:

Error!
Could not connect to database: connection to server at "ledgersmb-do-user-66666666-0.k.db.ondigitalocean.com" (11.111.111.111), port 25060 failed: FATAL: database "postgres" does not exist at lib/LedgerSMB/Scripts/setup.pm line 267.

dbversion: 1.11.18-dev, company:

So, after familiarising myself a bit with this codebase, and figuring out what I needed to do for #8410, I've been able to play with my own workaround for my specific setup getting around the createdb: https://gist.github.com/walidmujahid/f4049bce9364b67da09a33385d81bf02

I'm still figuring things out, but I'm better able to make progress now.

@ehuelsmann Should this issue stay open?

EDIT:
I successfully created a script that prepares a company database in a "pre-created" database in Digitalocean's managed database platform.

I don't know how many people are facing this use case, but I'll keep the gist public for anyone that may stumble across this in the future. My specific use case is: Deploying ledgersmb app on the Digitalocean platform and connecting it with a managed Postgres database.

@ehuelsmann After a lot of reading of your codebase, and the merging of PR #8414, I have settled on a workaround that is stable for my use case. By the way, this file was really useful for me in understanding the usage of the ledgersmb-admin script: https://github.com/ledgersmb/LedgerSMB/blob/1.11/UI/tests/specs/openapi/database.js

Use Case Overview

Launching LedgerSMB on DigitalOcean App Platform

Steps Taken to launch LedgerSMB on DigitalOcean App Platform

Modifications to Dockerfile

https://gist.github.com/walidmujahid/db362783268147b3c3259be33dc76d1f

Modifications include:

  • Pulling from ledgersmb codebase at a given commit (to include changes and fixes not released)
  • combine nginx into single image and modify start.sh script (app should be small enough for it to not be a problem despite not being best practice to have multiple services inside a single image)
  • create transpiled version of javascript with (since it's being pulled from repo instead of distributed archives): make js

Create Container Registry on DigitalOcean

For easy deployments to App platform, the following container registry was created for our custom docker images.

Create Managed Database

  1. Go to: cloud.digitalocean.com/databases
  2. Click "Create Database" button
  3. Choose datacenter
  4. Select database engine: PostgreSQL v16
  5. CPU options. E.g: Regular
  6. Select a plan. E.g: $13.00 - 1 vCPU / 1 GB RAM / Storage minimum: 10 GB / Connection limit: 22
  7. Choose database name. E.G: ledgersmb (or any other name)

Our Launch Steps on App Platform

  1. Go to: cloud.digitalocean.com/apps
  2. Select service provider: DigitalOcean Container Registry
  3. Use appropriate custom image from registry
  4. Keep autodeploy
  5. adjust resource and app settings
  6. connect managed database
  7. add PG* environment variables for db connection: PGHOST, PGPORT, PGDATABASE, PGUSER, and PGPASSWORD.

Prepare Company Database

Use custom script to prepare the company in the Digitalocean managed database.

  1. Create testdb (or any other name) in the Digitalocean managed database dashboard
  2. In the App Platform console, Run: curl https://gist.githubusercontent.com/walidmujahid/f4049bce9364b67da09a33385d81bf02/raw/20f2c39fc810d533c25b0cedca3d2b8351bf2c42/prepare-company-with-digitalocean-managed-database >> /srv/ledgersmb/bin/prepare-company-with-digitalocean-managed-database && chmod +x /srv/ledgersmb/bin/prepare-company-with-digitalocean-managed-database
  3. Then, with /srv/ledgersmb as the working directory: ./bin/prepare-company-with-digitalocean-managed-database --host=ledgersmb-do-user-66666666-0.k.db.ondigitalocean.com --port=25060 --company=testdb --owner=doadmin --password=DB_PASSWORD --cc=us --coa=locale/coa/us/GeneralHierarchical.xml

Create User

In the App Platform console, Run: ./ledgersmb-admin user create testdb --username=admin --password=admin --employeennumber=1 --country='United States' --first-name=Admin --last-name=Name --permission='Full Permissions'

Load COA

In the App Platform console, Run: ./bin/ledgersmb-admin setup load testdb locale/coa/us/GeneralHierarchical.xml

We still need to investigate the reason for the rejection of the CSRF token.

@ehuelsmann On our setup, I navigated to the setup.pl endpoint. If I hit the login button with a nonexistent database, I get this error:

Error!
Could not connect to database: connection to server at "ledgersmb-do-user-6666666-0.k.db.ondigitalocean.com" (111.11.111.111), port 25060 failed: FATAL: database "postgres" does not exist at lib/LedgerSMB/Scripts/setup.pm line 267.

dbversion: 1.11.18-dev, company:

If I hit create for that nonexistent database, I get this:

Error!
Could not connect to database: connection to server at "ledgersmb-do-user-6666666-0.k.db.ondigitalocean.com" (111.11.111.111), port 25060 failed: FATAL: database "postgres" does not exist at lib/LedgerSMB/Scripts/setup.pm line 1123.

dbversion: 1.11.18-dev, company:

Does a digital ocean Pg database have an administrative database by another name, maybe? The "postgres" database is normally the database that is the administrator's "default database". The admin database to be used is configurable in the Docker YAML configuration file; see the configuration section in https://github.com/ledgersmb/LedgerSMB/blob/master/doc/conf/ledgersmb.yaml#L243-L255. See https://github.com/ledgersmb/ledgersmb-docker/blob/1.11/README.md#overriding-or-adding-configuration for more information on how to add the extra config to your container.

I was trying to set up a company through setup.pl; however, when I click the create button, I get a Bad request: CSRF token failure.

@walidmujahid could it be that you restarted the container between the point where you loaded the page in setup.pl and the point where you clicked on "Create" or "Login" triggering the CSRF error? If so, this was a side-effect of restarting the container.
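Added example, not LedgerSMB code and not part of the comment above: one way a container restart between page load and form submit can produce this failure, assuming (the thread does not say how LedgerSMB derives its tokens) that CSRF tokens are HMAC-signed with a secret drawn at process start. `CsrfSigner`, `restart_scenario` and the session id are hypothetical names.

```python
import hashlib
import hmac
import secrets
import time


class CsrfSigner:
    """Issues and checks HMAC-signed CSRF tokens bound to a session id."""

    def __init__(self, secret=None, max_age=3600):
        # No secret supplied: draw a fresh one, as a process would at startup.
        self.secret = secret if secret is not None else secrets.token_bytes(32)
        self.max_age = max_age

    def _mac(self, session_id, issued):
        msg = f"{session_id}|{issued}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).hexdigest()

    def issue(self, session_id, now=None):
        issued = int(time.time() if now is None else now)
        return f"{issued}.{self._mac(session_id, issued)}"

    def verify(self, session_id, token, now=None):
        now = time.time() if now is None else now
        try:
            issued_str, mac = token.split(".", 1)
            issued = int(issued_str)
        except ValueError:
            return "malformed"
        expected = self._mac(session_id, issued)
        # Constant-time comparison; bytes so non-ASCII input cannot raise.
        if not hmac.compare_digest(mac.encode(), expected.encode()):
            return "bad-signature"
        if now - issued > self.max_age:
            return "expired"
        return "ok"


def restart_scenario(persistent_secret=None):
    """Form rendered by one process, submitted to its replacement."""
    before = CsrfSigner(persistent_secret)
    token = before.issue("sess-1", now=1000)   # setup.pl page is loaded
    after = CsrfSigner(persistent_secret)      # container restarts here
    return after.verify("sess-1", token, now=1060)  # "Create" is clicked
```

With a per-process secret the resubmitted token fails signature verification; with a secret that survives the restart (constructed here as a fixed byte string) the same token is accepted.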

@ehuelsmann I'm no longer seeing the CSRF token failure. I'm not really sure what resolved that. I'm just seeing those other errors I mentioned. I'm going to look into the default database question you posed on digitalocean and do some tests with the config yaml file.

Let's create a separate issue for the DigitalOcean Login/Create failures and close the problem with the CSRF token as that's disappeared now that things settled down.

@ehuelsmann Sounds good.