(2023-01-01) Can't Reset FluxGarden password
A user alerted me that he can't reset his FluxGarden password - he gets 502-Bad-Gateway. I try myself, get same issue. (It happens instantly, so there's not a timeout issue.)
- this code is part of the
Flask-Userlibrary I imported: (2020-10-12) Building user management in WikiFlux - I can log in fine
- argh registering gives 502 also! https://flux.garden/user/register
- noting that these 2 use-cases with issues both involve sending an email......
Confirm db has records.
check logs in /var/log/nginx - error.log has
2023/01/01 19:36:58 [error] 1181616#1181616: *101968 upstream prematurely closed connection while reading response header from upstream, client: 107.140.56.189, server: flux.garden, request: "POST /user/forgot-password HTTP/1.1", upstream: "uwsgi://unix:///home/bill/uwsgi_sockets/wikiweb.socket:", host: "flux.garden"
2023/01/01 19:38:31 [error] 1181616#1181616: *101973 upstream prematurely closed connection while reading response header from upstream, client: 107.140.56.189, server: flux.garden, request: "POST /user/forgot-password HTTP/1.1", upstream: "uwsgi://unix:///home/bill/uwsgi_sockets/wikiweb.socket:", host: "flux.garden"
But all the logs in /var/log/uwsgi/wikiweb.log.* are empty
Checking this approach
- my
/etc/nginx/uwsgi_paramshas all generic stuff in it - don't see anything weird in the site config files
New idea: try work around the email. Is the hash for each user sticky?
- reset-password link in email (for
fluxent+309@gmail.com) looks like http://flux2.garden:5000/user/reset-password/gAAAAABgz2sqTlOSJuWb1QvuCDa165tu6CSvA-oKK2T2iEpyq3WIVg6n1hBtYIA9NsEMc0kd2pccKWcehxLYG6YUSkVU77EWKg- (later, found email that looks like production, for
fluxent+30, sent Jun20'2021. - note that's local server, but let's try anyway with
fluxent+29which haspassword=$2b$12$E8zC5eq9szJdN9dpDvPlS.FIPiTeNOOCrCxRduCQF2UQNuA2rL6CG
- (later, found email that looks like production, for
- turn url into http://flux.garden/user/reset-password/$2b$12$E8zC5eq9szJdN9dpDvPlS.FIPiTeNOOCrCxRduCQF2UQNuA2rL6CG
- nope
Your reset password token is invalid.
- nope
Moving-forward options
- keep pushing on 502 issue (ask friend)
- find way to generate/log user's reset-hash
- ??
Saw some bits about file permissions, which has bit me before. And those 0-byte log files are suspicious.... I notice those files have owner bill:bill, while the nginx logs have www-data:adm
- read this piece - find that I have
/etc/systemd/system/wikiweb.serviceand~/wikiweb/wikiweb.servicewhich are identical, and both user user/groupbill:bill- I also notice that the log lines are commented out:
#StandardOutput=append:/var/log/uwsgi/wikiweb.log
##StandardError=append:/var/log/uwsgi/wikiweb.error
- but those aren't even the names of the log files - the names are
access.loganderror.log
Jan03
- uwsgi wasn't logging, had to restart with systemd
- then yes it turned out the issue is emailing - see old Jun04 notes at (2020-10-12) Building user management in WikiFlux
- it looks like need to go back to using
smtp.gmail.com- didn't help, changed back to
smtp.googlemail.com
- didn't help, changed back to
- also think I changed my email password, and didn't update it here!
- change it in
envfile_service, but it still doesn't help flask_mail.pyis in/usr/local/lib/python3.8/dist-packages/- how did I log more last time?
- ah maybe had to turn "less secure apps" back to On
Edited: | Tweet this! | Search Twitter for discussion
Made with flux.garden