[HELP] Cannot login, error shows "BAD CSRF"

lifehome · 2016-11-03 09:23:43 UTC

Hello all,

I have installed Discourse on my server, and it has ran a long good time, without any troubles.
However after the latest update, I have found that all of the user accounts are failed to login, including admin ones.

After awhile I was suspecting it is a plugin issue, therefore I removed all the plugins then ran ./launcher rebuild app to have it run pure vanilla version, but no cigar to that. For the current situation, it seems like our site is read only and cannot do any action other than reading threads.

Upon any login form submission, it shows this and we have no idea what this means.

Site is located at https://discuss.stickyricelove.com and we are a Non-Profit educating and promoting SexEd in Hong Kong, for teenagers and resolving their wonder and doubts.

Very looking forward to an answer soooooooooooooooooooooon.
Thank you.

codinghorror · 2016-11-03 09:57:41 UTC

It looks like one of your plugins is not compatible with the current version of Discourse. I suggest removing all third party (non-official) plugins and rebuilding.

lifehome · 2016-11-04 04:02:52 UTC

It is already a clean build without plugins, only with the docker_manager. Should I remove that too?

codinghorror · 2016-11-04 04:08:04 UTC

Hmm, did you try upgrading at the command line?

Please SSH into your server and run:

cd /var/discourse
git pull
./launcher rebuild app

lifehome · 2016-11-04 04:11:35 UTC

I have already tried this many many times, and it still shows the same error.

I’m now removing the docker_manager and rebuilding it.

codinghorror · 2016-11-04 04:14:58 UTC

Is this an install that followed our official install guide? Any errors in the rebuild?

lifehome · 2016-11-04 04:16:16 UTC

Yes I have followed the exact steps carefully, and it’s a “no” for the errors. It builds smoothly that I can’t even tell what has gone wrong.

Will extract the backups and rebuild the VPS if nothing works out today.

codinghorror · 2016-11-04 04:17:27 UTC

Do you have this behind cloudflare or anything like that? @sam do you see anything in the pictured JS console errors that would indicate what is the issue?

lifehome · 2016-11-04 04:19:59 UTC

We have consider that issue too, therefore a month ago we completely disabled all Cloudflare features, will also consider moving out Cloudflare since it brings enough troubles for us.

Will there be any override that I can force my current session as an admin? In that way I can get into the backend and see what’s the log telling

stephane · 2016-11-04 04:39:40 UTC

Hello,

I manage a small discourse forum for an opensource project and we have something that looks like the same problem. The error is exactly the same with google chrome, but is different with firefox : the login dialog works normally, the page is refreshed but it does not log me in (screenshots bellow).

It’s a dedicated host, and it doesn’t change much if I rebuild with beta, previous beta, or “tests-passed”. We don’t use cloudfare, but it’s behind a nginx reverse proxy (nothing too fancy). The discourse container is http, but nginx serves it in https through the reverse proxy, if that makes any difference.

I would appreciate any idea if there is something I can try.

Regards,

Stephane

lifehome · 2016-11-04 05:22:54 UTC

@codinghorror @sam Will that be an upstream bug?

codinghorror · 2016-11-04 05:31:07 UTC

We have no repro of this, so it is likely something about your local setup.

lifehome · 2016-11-04 07:50:56 UTC

We’re rebuilding the VPS and installing a fresh Discourse installation, the follow happened and hanged awhile:

Firei · 2016-11-05 14:01:01 UTC

Is there a solution? We have the same problem…

lifehome · 2016-11-07 04:25:41 UTC

It appears to us an upgrade issue. We have backup away the data, and performed a clean install and backup restoration.

However other than that, I have no idea what caused this issue.

stephane · 2016-11-06 18:11:29 UTC

Hello. I tried to run it without the nginx reverse proxy and it did not resolve the issue. Will run a reinstall tomorrow except if anyone think about something that could help by that time.

I noticed that by default, the launcher rebuild script was checking out the “tests-passed” version. Is it a bit dangerous ? should it be beta ? When I update from the admin web screen, it update to the most recent beta instead ?

I had to launch a rebuild before the problem appeared because the host ip from inside the container changed. The host is also my mailserver, and the mail config was in app.yml.

Is it possible that with the rebuild, I updated to a version that somehow corrupted the config ? (I launched the rebuild around 11/02/2016 07:00 PM if that’s any help).

Regards,

Stephane

sam · 2016-11-07 00:15:46 UTC

sam · 2016-11-07 04:23:35 UTC

sam · 2016-11-07 04:24:12 UTC

In future if you feel your issue was not resolved, flag to reopen topic and DON’T accept an answer on the topic.

sam · 2016-11-08 01:19:54 UTC

If you are running a reverse proxy 99.999% the issue is that you are not passing headers right to discourse.