Can't get basic auth working in production

Question

Can't get basic auth working in production

Closed this issue 9 years ago · 6 comments

Title says it all really, my basic auth works fine in dev and test, however it won't accept my username/password in production. I enter the details and the box just pops back up again with empty fields. I've tried included the config in prod.exs as well as prod.private.exs (not that it should make a difference) and have tried using environment variables and explicitly defining the credentials. Have also tried submitting blank credentials. (this all makes me think the issue isn't with the credentials themselves).

Environments are (almost) identical, Ubuntu server, sites are behind nginx. Using SSL. There's no setup I can think of that differs between the two, apart from very slightly different domains (.dev and .in).

Is there anything likely to be getting in the way here? Any common things to look for?

Edit: Have just been thinking, I could just set up the basic auth for this site using nginx directly - so if all else fails that's worth a go, but I'd rather resolve the issue if possible.

Answer 1 · 2016-02-06T19:05:22.000Z

could you please copy paste a diff of changes you have made to you app to include the plugin?

Answer 2 · 2016-02-06T20:20:35.000Z

Sorry @kubum I should have closed this - I cant remember what the issue was now, but I resolved it. It wasn't a problem with the package.

Answer 3 · 2017-03-31T17:16:22.000Z

I've got the same issue. We deploy thorugh edeliver to ElasticBeanstalk, in case that's relevant.

At first we thought it might have to do with env variables, but the application was reading them correctly. I even hardwired the username and password options, but still after deploying that change we can never authenticate.

In development and test environments it works as expected.

Answer 4 · 2017-04-03T12:09:59.000Z

Hi @tute, that sounds strange. Without knowing more about your configuration, I'm a bit stuck.

Have you tried running the production release locally to investigate? How's the sysconfig looking in your release? Is it what you'd expect?

Answer 5 · 2017-04-03T18:40:11.000Z

We use were using edeliver's username: "${BASIC_AUTH_USERNAME}" syntax instead of username: {:system, "BASIC_AUTH_USERNAME"} one. We just verified the latter works well, and everything runs smoothly now. Thank you!

Author: Tute Costa <tutecosta@gmail.com>
Date:   Mon Apr 3 15:01:25 2017 -0300

    Bugfix around BasicAuth
    
    BasicAuth credentials are resolved at compile time, when the environment
    variables don't exist: https://github.com/CultivateHQ/basic_auth/blob/master/lib/basic_auth.ex#L49-L51
    
    The user/password combination resulted in the literals
    `${BASIC_AUTH_USERNAME}` and `${BASIC_AUTH_PASSWORD}`.
    
    Using the "{:system, VAR}" syntax works as expected.
    
diff --git a/config/prod.exs b/config/prod.exs
index 07fe933d..77279cd8 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -63,8 +63,8 @@ config :ex_aws,
   secret_access_key: ["${AWS_SECRET_ACCESS_KEY}", :instance_role]
 
 config :admin, admin_config: [
-  username: "${BASIC_AUTH_USERNAME}",
-  password: "${BASIC_AUTH_PASSWORD}",
+  username: {:system, "BASIC_AUTH_USERNAME"},
+  password: {:system, "BASIC_AUTH_PASSWORD"},
   realm: "Admin Area"
 ]

Answer 6 · 2017-04-06T14:40:36.000Z

@tute 👍