In mongo logs i can see sth like this:2020-11-08T09:30:07.209+0000 I COMMAND [conn70] dropDatabase DATA_RECOVERY - starting 2020-11-08T09:30:07.209+0000 I COMMAND [conn70] dropDatabase DATA_RECOVERY - dropping 0 collections 2020-11-08T09:30:07.215+0000 I COMMAND [conn70] dropDatabase DATA_RECOVERY - finished 2020-11-08T09:30:07.558+0000 I COMMAND [conn70] dropDatabase config - starting 2020-11-08T09:30:07.558+0000 I COMMAND [conn70] dropDatabase config - dropping 0 collections 2020-11-08T09:30:07.562+0000 I COMMAND [conn70] dropDatabase config - finished 2020-11-08T09:30:07.928+0000 I STORAGE [conn70] createCollection: READ_ME_TO_RECOVER_YOUR_DATA.README with generat
Can you share the contents of the browser's Dev tools, network panel when trying to log in? I assume there's a 401 or 400 error there, but it's details might be revealing...
Oh, I didn't realize this is in the fileserver... Probably not related to the login issue...
Can you share how your apiserver.conf (where the users are configured) looks? obviously without the passwords 😄
What about curl -XGET http://localhost:8008/auth.fixed_users_mode ?
AppetizingMouse58 I didn't 😕 It is default installation on VM instance just including apiserver config with users defined
It seems your instance was open to the world and someone hacked your mongodb...
Easiest thing would be to connect to the mongodb and query the collections. Do:sudo docker exec -it trains-mongo /bin/bash
than in the docker console do:mongo
Than in the mongo console do:use auth show collectionsThis should show the list of collections (you should have several)
To see the users registered there, do:db.user.find()and see how many entries you get
OK, so (1) the server recognizes there are user/passwords configured but (2) can't seem to locate the one you're providing... very strange
Use one of the user/password combinations that you've configured - I'd like to see if it's a server issue or some FW/communication issue
Did you try restarting the docker compose since the problem start happening?
It's still very strange since you say it used to work 😞
So the server can't locate the credentials...
Failed to load resource: the server responded with a status of 400 (BAD REQUEST) :8008/v2.9/users.get_current_user:1 Failed to load resource: the server responded with a status of 400 (BAD REQUEST) zone-evergreen.js:2845 POST address/v2.9/auth.login 401 (UNAUTHORIZED)
{"meta":{"id":"43485f72a46b456dbbeff095fdbff775","trx":"43485f72a46b456dbbeff095fdbff775","endpoint":{"name":"auth.fixed_users_mode","requested_version":"2.9","actual_version":"1.0"},"result_code":200,"result_subcode":0,"result_msg":"OK","error_stack":""},"data":{"enabled":true,"guest":{"enabled":false},"server_errors":{}}}
ImmenseMole52 can you try the following command from the server's console?curl -u <username>:<password> -XGET http://localhost:8008/users.get_current_user
auth { # Fixed users login credentials # No other user will be able to login fixed_users { enabled: true users: [ { username: "admin" password: "some-1234-password" name: "admin" }, { username: "marek_cygan" password: "top-secret" name: "Marek Cygan" }, ] } }
READ_ME_TO_RECOVER_YOUR_DATA.README this is the hint...
We always recommend to open only ports 8080 , 8008 and 8081 to the world 😞
Oh, I see. Then maybe we can see some more info in the browser dev tools
Hi ImmenseMole52 , did you do any changes in the docker compose file? If yes, then can you please send your version of the file?
{"meta":{"id":"39a90aa1b6e0474e8c1f75506dc1a2bb","trx":"39a90aa1b6e0474e8c1f75506dc1a2bb","endpoint":{"name":"users.get_current_user","requested_version":"2.9","actual_version":"1.0"},"result_code":401,"result_subcode":22,"result_msg":"Unauthorized (invalid credentials) (failed to locate provided credentials)","error_stack":null},"data":{}}
And these haven't changed at all? If so, this might be a corruption of the database (mongodb) since the server has entries there for these users, and the error might mean the user can't be located there
Can you try deleting the application cookie? While being on the trains page in the browser devtools you navigate to Application->Cookies and under it delete any trains cookies that are there. I believe that you will need to login after that