Admin login fails with 401

Hey man, many thanks for your awesome framework and contributions, but I got the same 401 error as "3.1 admin login fails with 401" (Issue #7140, strapi/strapi on GitHub) when I set up a superuser for the first time on my production server. The local server runs fine, and the same code was pulled from a git repo onto the prod server.

Node.js version: v14.14.0
NPM version: 6.14.8
Strapi version: 3.1.4
Database: MySQL 8.0.22
Operating system: debian

BTW: I don’t have the extension of permission :sweat_smile:
I saw that the registration was successful and the record has been stored in the database; I just queried it. Everything seems fine, but I get a 401 and am redirected to the login page every time.

How can I debug the detailed reason for the 401?

https://github.com/strapi/strapi/issues/8501

Have you recently migrated from 3.0.x?

Can you check whether you have a JWT key declared inside /config/server.js and whether you declared ADMIN_JWT_SECRET in env?

    module.exports = ({ env }) => ({
      // ...
      admin: {
        auth: {
          secret: env('ADMIN_JWT_SECRET'),
        },
      },
    });

Thanks for your response!

Not upgraded from 3.0, but it does have secret config.

I guess the token was not passed through with the request. I'm only guessing because I cannot see a verbose log, but that is probably the reason.
I set up an Nginx reverse proxy; is it affected by this?

I'm using an nginx proxy as well. Can you try manually defining the JWT secret in config/server.js, without using ENV?

Thanks @sunnyson, my config/server.js is:

    module.exports = ({ env }) => ({
      host: env('HOST', '0.0.0.0'),
      port: env.int('PORT', 1337),
      url: 'https://customurl.com/api',
      admin: {
        auth: {
          secret: env('ADMIN_JWT_SECRET', '1e978b20a8532605b42d18bf01ea37f4'),
        },
      },
    });

I also tried using `{secret: '1e978b20a8532605b42d18bf01ea37f4',}`, but it does not work.

And the nginx conf is:

    # Strapi API and Admin
    location /api/ {
        rewrite ^/api/(.*)$ /$1 break;
        proxy_pass http://strapi;   # upstream has been set to http://127.0.0.1:1337
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_pass_request_headers on;
    }

Oh, I found a JWT token passed with the request; I don't know where it comes from.
Can I skip the token validation? It is unnecessary for my current project, so how do I drop it?

Not sure I understand this? Can you clarify a bit?

Our current project already has an auth system, and it conflicts with the one provided by Strapi, especially when logging in to the admin. So I want to skip or disable Strapi's auth validation.
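For the question above about finding the detailed reason for the 401 when a JWT of unknown origin arrives with the request, here is an added example (not part of the thread and not Strapi's own code) that checks a captured token against the configured admin secret and reports why it would be rejected. It assumes the token is HS256-signed; `diagnoseJwt` and `signSample` are hypothetical helper names, and the secrets and tokens are constructed samples.

```javascript
const crypto = require('crypto');

// base64url helpers written by hand so the script also runs on Node 14.
const b64urlDecode = (s) => Buffer.from(s.replace(/-/g, '+').replace(/_/g, '/'), 'base64');
const b64urlEncode = (buf) =>
  buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Returns { ok, reason, payload } describing why a token does or does not verify.
function diagnoseJwt(token, secret, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(token).replace(/^Bearer\s+/i, '').split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, payload;
  try {
    header = JSON.parse(b64urlDecode(parts[0]).toString('utf8'));
    payload = JSON.parse(b64urlDecode(parts[1]).toString('utf8'));
    if (!header || !payload) throw new Error('header and payload must be objects');
  } catch (e) {
    return { ok: false, reason: 'malformed' };
  }
  // Assumption: the admin token is HS256-signed; anything else was issued elsewhere.
  if (header.alg !== 'HS256') return { ok: false, reason: 'unexpected-alg', payload };
  const expected = crypto.createHmac('sha256', secret).update(`${parts[0]}.${parts[1]}`).digest();
  const given = b64urlDecode(parts[2]);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'signature-mismatch', payload };
  }
  if (typeof payload.exp === 'number' && payload.exp <= nowSeconds) {
    return { ok: false, reason: 'expired', payload };
  }
  return { ok: true, reason: 'valid', payload };
}

// Builds a constructed HS256 token so the example runs offline.
function signSample(payload, secret) {
  const head = b64urlEncode(Buffer.from(JSON.stringify({ alg: 'HS256', typ: 'JWT' })));
  const body = b64urlEncode(Buffer.from(JSON.stringify(payload)));
  const sig = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
  return `${head}.${body}.${b64urlEncode(sig)}`;
}

// Constructed samples: one token signed with the admin secret, one from another auth system.
const ADMIN_SECRET = 'constructed-admin-secret';
const adminToken = signSample({ id: 1, exp: 2000000000 }, ADMIN_SECRET);
const foreignToken = signSample({ sub: 'app-user', exp: 2000000000 }, 'constructed-other-secret');

console.log(diagnoseJwt(`Bearer ${adminToken}`, ADMIN_SECRET).reason);
console.log(diagnoseJwt(`Bearer ${foreignToken}`, ADMIN_SECRET).reason);
```

A `signature-mismatch` result for the token captured behind the proxy, together with a payload that carries another system's claims, indicates the `Authorization` header is being filled by the other auth system rather than by the admin login.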