It seems your instance was open to the world and someone hacked your mongodb...
Oh, I didn't realize this is in the fileserver... Probably not related to the login issue...
ImmenseMole52 can you try the following command from the server's console?curl -u <username>:<password> -XGET http://localhost:8008/users.get_current_user
We always recommend to open only ports 8080 , 8008 and 8081 to the world 😞
Can you share the contents of the browser's Dev tools, network panel when trying to log in? I assume there's a 401 or 400 error there, but it's details might be revealing...
And these haven't changed at all? If so, this might be a corruption of the database (mongodb) since the server has entries there for these users, and the error might mean the user can't be located there
auth { # Fixed users login credentials # No other user will be able to login fixed_users { enabled: true users: [ { username: "admin" password: "some-1234-password" name: "admin" }, { username: "marek_cygan" password: "top-secret" name: "Marek Cygan" }, ] } }
OK, so (1) the server recognizes there are user/passwords configured but (2) can't seem to locate the one you're providing... very strange
Can you share how your apiserver.conf (where the users are configured) looks? obviously without the passwords 😄
So the server can't locate the credentials...
Easiest thing would be to connect to the mongodb and query the collections. Do:sudo docker exec -it trains-mongo /bin/bash
than in the docker console do:mongo
Than in the mongo console do:use auth show collectionsThis should show the list of collections (you should have several)
To see the users registered there, do:db.user.find()and see how many entries you get
{"meta":{"id":"43485f72a46b456dbbeff095fdbff775","trx":"43485f72a46b456dbbeff095fdbff775","endpoint":{"name":"auth.fixed_users_mode","requested_version":"2.9","actual_version":"1.0"},"result_code":200,"result_subcode":0,"result_msg":"OK","error_stack":""},"data":{"enabled":true,"guest":{"enabled":false},"server_errors":{}}}
It's still very strange since you say it used to work 😞
Can you try deleting the application cookie? While being on the trains page in the browser devtools you navigate to Application->Cookies and under it delete any trains cookies that are there. I believe that you will need to login after that
READ_ME_TO_RECOVER_YOUR_DATA.README this is the hint...
Use one of the user/password combinations that you've configured - I'd like to see if it's a server issue or some FW/communication issue
Hi ImmenseMole52 , did you do any changes in the docker compose file? If yes, then can you please send your version of the file?
AppetizingMouse58 I didn't 😕 It is default installation on VM instance just including apiserver config with users defined
What about curl -XGET http://localhost:8008/auth.fixed_users_mode ?
Failed to load resource: the server responded with a status of 400 (BAD REQUEST) :8008/v2.9/users.get_current_user:1 Failed to load resource: the server responded with a status of 400 (BAD REQUEST) zone-evergreen.js:2845 POST address/v2.9/auth.login 401 (UNAUTHORIZED)
Did you try restarting the docker compose since the problem start happening?
In mongo logs i can see sth like this:2020-11-08T09:30:07.209+0000 I COMMAND [conn70] dropDatabase DATA_RECOVERY - starting 2020-11-08T09:30:07.209+0000 I COMMAND [conn70] dropDatabase DATA_RECOVERY - dropping 0 collections 2020-11-08T09:30:07.215+0000 I COMMAND [conn70] dropDatabase DATA_RECOVERY - finished 2020-11-08T09:30:07.558+0000 I COMMAND [conn70] dropDatabase config - starting 2020-11-08T09:30:07.558+0000 I COMMAND [conn70] dropDatabase config - dropping 0 collections 2020-11-08T09:30:07.562+0000 I COMMAND [conn70] dropDatabase config - finished 2020-11-08T09:30:07.928+0000 I STORAGE [conn70] createCollection: READ_ME_TO_RECOVER_YOUR_DATA.README with generat
{"meta":{"id":"39a90aa1b6e0474e8c1f75506dc1a2bb","trx":"39a90aa1b6e0474e8c1f75506dc1a2bb","endpoint":{"name":"users.get_current_user","requested_version":"2.9","actual_version":"1.0"},"result_code":401,"result_subcode":22,"result_msg":"Unauthorized (invalid credentials) (failed to locate provided credentials)","error_stack":null},"data":{}}
Oh, I see. Then maybe we can see some more info in the browser dev tools