Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

traefik basic authentication broken with v2 #202

Closed
jnnngs opened this issue Nov 18, 2021 · 12 comments · Fixed by #206
Closed

traefik basic authentication broken with v2 #202

jnnngs opened this issue Nov 18, 2021 · 12 comments · Fixed by #206
Labels
🐞 Bug Something isn't working

Comments

@jnnngs
Copy link

jnnngs commented Nov 18, 2021

I use traefik to provide basic authentication in front of flame (loving it BTW!), which now continually prompts for the user/password details with the latest flame version. Reverting back to flame:1.7.4 removes the new issue.

I'm guessing it's a cookie issue somewhere with flame?

Flame docker labels used for traefik:
traefik.http.middlewares.traefik-basicauth.basicauth.users : USER:PASSWORD
traefik.http.middlewares.traefik.addprefix.prefix : traefik-basicauth

traefik basicauth doc link: https://doc.traefik.io/traefik/v2.0/middlewares/basicauth/

Happy to provide additional info and test any fixes.
@pawelmalak
Copy link
Owner

I know nothing about traefik so I won't be much of a help here. Hopefully someone with similar setup will be able to help.

Also, someone reported that he had to disable nginx basic auth for v2.0: #179 (comment)

@jnnngs
Copy link
Author

jnnngs commented Nov 18, 2021

Its probably the same issue then. I'll take a look and compare 1.7.4 and 2.0 cookies.

I'll report back...

@Gallardo26
Copy link

Gallardo26 commented Nov 18, 2021
edited
Loading

Having similar issue but I'm using HAproxy ACL with http-request auth in my PFsense. Have no issue with other services until I updated Flame to the latest.

@jnnngs
Copy link
Author

jnnngs commented Nov 18, 2021

It seems a conflict with the new password authentication - https://github.com/pawelmalak/flame/wiki/Authentication

I'm still looking into it...

@jnnngs
Copy link
Author

jnnngs commented Nov 18, 2021

Its a clash with JWT and the Authorization header field. Traefik, nginx and HAproxy use this header field for basic auth, but flame is using it for version 2.0.

I guess a good conclusion would be for flame to implement an optional setting that offers the same username/password basic auth when first launching?

Feature Request?

@ekremparlak
Copy link
Contributor

ekremparlak commented Nov 18, 2021
edited
Loading

I change Flame's Authorization header to Authorization-Flame here: ekremparlak@d9e9ef8
Its seem to working but the problem i found when you tried to open the api directly like https://example.com/api/apps it doesn't work.

@ekremparlak
Copy link
Contributor

Looks like https://example.com/api/apps was same without changes

@jnnngs
Copy link
Author

jnnngs commented Nov 18, 2021

Is there a possible fix?

@pawelmalak
Copy link
Owner

Can anyone pull pawelmalak/flame:dev and check if it's working with your basicauth setup?

@jnnngs
Copy link
Author

jnnngs commented Nov 19, 2021

Yes, ill test it now ...

@jnnngs
Copy link
Author

jnnngs commented Nov 19, 2021

Confirmed working perfectly using basic auth on Traefik !!

:)

@pawelmalak
Copy link
Owner

That's great. I'll have to test a few more things but it should be out with the next version.

@pawelmalak pawelmalak added the 🐞 Bug Something isn't working label Nov 19, 2021
@pawelmalak pawelmalak linked a pull request Nov 19, 2021 that will close this issue
Version 2.0.1 #206
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐞 Bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Version 2.0.1 pawelmalak/flame
4 participants
@jnnngs @Gallardo26 @ekremparlak @pawelmalak