Can not login to NodeBB. Login or password wrong

PitaJ

What exact login error are you getting? Can you take a screenshot?

Kosiak

@PitaJ

Kosiak

@baris
I only use https and with the $scheme option I get an "invalid csrf" error when I tried to login to the forum for the first time (only with a cloudflare certificate) and couldn't login due to this error. Now I have already installed a local certificate and I can try to return $scheme but I don't see much point in it because it's still only https everywhere.

Kosiak

Interesting fact, due to the fact that I am logged into the frontend, I was able to change the language of the forum. When I tried to change the password nothing happens. I can enter any nonsense in the "Current Password" field and the form accepts it without errors. But I don't know if the password changes.

I also suspect that when trying to login, there is no request to the database at all, because the error message is issued instantly. Yes, I know that NodeBB is very fast and JS can exchange data quickly. But there doesn't seem to be any delay at all.

Is it possible to disable maintenance mode without going to the admin panel? Perhaps my problems are somehow related to this.

Kosiak

@baris
I returned it to the $sсheme value. As expected to no avail.

Kosiak

Console output:

ServiceWorker registration succeeded.
nodebb.min.js?v=6evjicudach:9 [hooks] Changes to hooks on this page …
nodebb.min.js?v=6evjicudach:9 [hooks] Registered action:ajaxify.start ()=>{g.temporary.forEach(u=>{g.unregister(u.hookName,u.method),g.temporary.delete(u)})}
nodebb.min.js?v=6evjicudach:9 [hooks] Registered action:ajaxify.end ƒ (){document.body.removeEventListener("click",u),s.forEach(function(r){r.click()}),s=[]}
nodebb.min.js?v=6evjicudach:9 [hooks] Registered filter:taskbar.push O=>{O.options.className="taskbar-"+O.module,O.module==="composer"?O.options.icon="fa-commenting-o":O.module==="chat"&&O.element.length&&!O.element.hasClass("active")&&y(O.element)}
nodebb.min.js?v=6evjicudach:9 [hooks] Registered action:taskbar.pushed O=>{if(O.module==="chat"){x(O);var L=O.element.data();L&&L.options&&!L.options.isSelf&&y(O.element)}}
nodebb.min.js?v=6evjicudach:9 [hooks] Registered action:ajaxify.end ƒ (){ajaxify.isCold()||(k=!0)}
nodebb.min.js?v=6evjicudach:9 [hooks] Registered filter:navigator.scroll M=>(L.autoHidingNavbar("setDisableAutohide",!0),M)
nodebb.min.js?v=6evjicudach:9 [hooks] Registered action:navigator.scrolled ()=>{L.autoHidingNavbar("setDisableAutohide",!1)}
nodebb.min.js?v=6evjicudach:9 [hooks] Registered action:ajaxify.end ƒ (){ajaxify.isCold()||(k=!0)}
nodebb.min.js?v=6evjicudach:9 [hooks] Registered action:ajaxify.end ()=>{t(),e(),h.showEmailConfirmWarning()}
nodebb.min.js?v=6evjicudach:9 [hooks] Unregistered action:ajaxify.end ()=>{t(),e(),h.showEmailConfirmWarning()}
nodebb.min.js?v=6evjicudach:61          POST https://kimry.net/login?local=1 403
send @ nodebb.min.js?v=6evjicudach:61
ajax @ nodebb.min.js?v=6evjicudach:61
i.fn.ajaxSubmit @ nodebb.min.js?v=6evjicudach:45
(анонимная) @ login.1278fe0c80a9b48a32c0.min.js:1
dispatch @ nodebb.min.js?v=6evjicudach:58
he.handle @ nodebb.min.js?v=6evjicudach:58

julian

		const passwordMatch = await user.isPasswordCorrect(uid, password, req.ip);
		if (!passwordMatch) {
			return next(new Error('[[error:invalid-login-credentials]]'));
		}

If you're seeing "invalid login credentials", the only code path that sends that specific error back is... if your password is incorrect.

Kosiak

@julian said in Can not login to NodeBB. Login or password wrong:

const passwordMatch = await user.isPasswordCorrect(uid, password, req.ip);
if (!passwordMatch) {
return next(new Error('Invalid login credentials'));
}

What should I do with this code?

julian

Nothing, I'm just letting you know that that's the only place in NodeBB that that error is returned (unless a plugin also happens to return it).

Kosiak

@julian said in Can not login to NodeBB. Login or password wrong:

If you're seeing "invalid login credentials", the only code path that sends that specific error back is... if your password is incorrect.

If the password is incorrect, how can an admin be logged into the front of the forum but not into the admin panel at the same time?

julian

@Kosiak Your login stays active for 14 days (by default), but admin will re-challenge you with password after 1 hour.

Kosiak

@julian How could the password get corrupted in the database? This is my default password for local development. I can't forget it even if I die.
How can I change the password directly in the database?

Kosiak

@Kosiak said in Can not login to NodeBB. Login or password wrong:

Interesting fact, due to the fact that I am logged into the frontend, I was able to change the language of the forum. When I tried to change the password nothing happens. I can enter any nonsense in the "Current Password" field and the form accepts it without errors. But I don't know if the password changes.

How can this behavior be explained?

julian

How can this behavior be explained?

You probably got an error but we didn't show it (probably a bug).

As for the password thing — No idea.

If this is your development database, then drop the database and start over.

Kosiak

@julian said in Can not login to NodeBB. Login or password wrong:

If this is your development database, then drop the database and start over.

This is a ported forum from another engine. Accordingly, I made a lot of edits locally, then transferred to the server where I continued the setup. Yes, definitely, if I rolled back the version that exists on my mac, I would lose a few hours of development and configuration, but I wouldn't spend many hours looking for a login problem. However, I have already wasted this time and I have no guarantees that the problem will not return in a few hours after I re-upload the database from the local version. Perhaps the problem is in the combination of settings that I made in the admin panel, or perhaps an electron flying out of a distant star got into the transistor of my server, corrupting my password. Who knows. However, if I could find a solution or problem that caused the situation, I could sleep more peacefully. Today I have the opportunity to roll back without losing too much, who knows if there will be such an opportunity the next time it happens. I am not a supporter of leaving unresolved problems behind.

Kosiak

I reuploaded the database from my local version. It wasn't easy and restore with "mongorestore --drop" failed. Despite the fact that mongorestore reported that everything was done, nothing has changed. Perhaps NodeBB has a cache somewhere, but I don't know anything about it. I had to first manually delete the mongodb database and then use mongorestore. I restarted Nodebb and got a working version. I can login. However, everything is extremely slow. I have never seen NodeBB run slower than wordpress on apache without a cache. Refreshing some pages takes tens of seconds. Unfortunately, it's almost morning and I have to go to bed because I don't understand anything anymore.
If anyone has an idea what happened with the speed and how to fix it feel free to write it to me.

julian

@kosiak you'll need to rebuild the Mongo indices, NodeBB should do it automatically but there are some commands you can run in mongo if you want to do them yourself.

I don't have them on hand but @baris I'm sure does.

baris

If you want to create indices you can run these in mongo cli.

db.objects.createIndex({ _key: 1, score: -1 });
db.objects.createIndex({ _key: 1, value: -1 }, { unique: true, sparse: true });
db.objects.createIndex({ expireAt: 1 }, { expireAfterSeconds: 0 });

Kosiak

@baris I got error when I tried your commands:

admin> use nodebb
switched to db nodebb
nodebb> db.objects.getIndexes()
[ { v: 2, key: { _id: 1 }, name: '_id_' } ]
nodebb> db.objects.createIndex({ _key: 1, score: -1 });
_key_1_score_-1
nodebb> db.objects.createIndex({ _key: 1, value: -1 }, { unique: true, sparse: true });
MongoServerError: Index build failed: 1374ccee-594f-4a6e-8561-881742cbb123: Collection nodebb.objects ( 2a93f794-19b8-444c-82e5-90190d386264 ) :: caused by :: E11000 duplicate key error collection: nodebb.objects index: _key_1_value_-1 dup key: { _key: "analyticsKeys", value: "uniquevisitors" }
nodebb> db.objects.createIndex({ expireAt: 1 }, { expireAfterSeconds: 0 });
expireAt_1
nodebb> db.objects.getIndexes()
[
  { v: 2, key: { _id: 1 }, name: '_id_' },
  { v: 2, key: { _key: 1, score: -1 }, name: '_key_1_score_-1' },
  {
    v: 2,
    key: { expireAt: 1 },
    name: 'expireAt_1',
    expireAfterSeconds: 0
  }
]
nodebb>

Is it ok?

Kosiak

For my original problem, I think I found a bug.
For some reason the user password length was set to 0 (I didn't set it that way, it's not possible). When I set up my forum, my password was 7 characters long (before launching the site, I change the password to a complex and unique one, but during the development process I use a simple one that I remember). When I transferred the forum to the server and edited Users -> Settings, I set the minimum password to 8 characters, because it was impossible to leave the field with a default value of 0. And here I see a bug, because no one expects this behavior. Once the minimum password is set, NodeBB simply stops accepting any passwords that are shorter. This is completely non-obvious and as an admin I fell into a trap. I would expect two behaviors:

1. Continue to accept set passwords even of shorter length until a password change is required
2. Display a warning and reset passwords of shorter length if the administrator confirms this action.