Good day
I am trying to log in and start using my wger Docker installation, but if I log in with credentials username: admin password: adminadmin, it gives me the following error:
I have no idea what that means.
The following comes with the error when DEBUG is equal to TRUE:
> Help
> Reason given for failure:
> Origin checking failed - https://fit.super.org.za does not match any trusted origins.
> In general, this can occur when there is a genuine Cross Site Request Forgery, or when [Django’s CSRF mechanism](https://docs.djangoproject.com/en/4.0/ref/csrf/) has not been used correctly. For POST forms, you need to ensure:
> - Your browser is accepting cookies.
> - The view function passes a request to the template’s [render](https://docs.djangoproject.com/en/dev/topics/templates/#django.template.backends.base.Template.render) method.
> - In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
> - If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
> - The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.
>
> You’re seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
> You can customize this page using the CSRF_FAILURE_VIEW setting.
This is my Docker-Compose file:
```yaml
#
# Please consult the `Deployment` section in the readme if you want to deploy
# this. You need to keep this nginx service, even if you have your own, otherwise
# the static files will not be served correctly!
#
services:
  web:
    image: wger/server:latest
    container_name: wger_server
    depends_on:
      db:
        condition: service_healthy
      cache:
        condition: service_healthy
    env_file:
      - ./config/prod.env
    volumes:
      - static:/home/wger/static
      - media:/home/wger/media
      # For development, mount your local git checkout
      # - type: bind
      #   source: /path/to/wger/sourcecode
      #   target: /home/wger/src/
    ports:
      - "8000"
    healthcheck:
      test: wget --no-verbose --tries=1 --spider http://localhost:8000
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped
  nginx:
    image: nginx:stable
    container_name: wger_nginx
    depends_on:
      - web
    volumes:
      - ./config/nginx.conf:/etc/nginx/conf.d/default.conf
      - static:/wger/static:ro
      - media:/wger/media:ro
    ports:
      - "830:80"
    healthcheck:
      test: service nginx status
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped
  db:
    image: postgres:12-alpine
    container_name: wger_db
    environment:
      - POSTGRES_USER=wger
      - POSTGRES_PASSWORD=passwordimadeup
      - POSTGRES_DB=wger
    volumes:
      - postgres-data:/var/lib/postgresql/data/
    expose:
      - 5432
    healthcheck:
      test: pg_isready -U wger
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped
  cache:
    image: redis
    container_name: wger_cache
    expose:
      - 6379
    healthcheck:
      test: redis-cli ping
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped
volumes:
  postgres-data:
  static:
  media:
networks:
  default:
    name: wger_network
```
NGINX.conf file:
```nginx
upstream wger {
    server web:8000;
}
server {
    listen 80;
    location / {
        proxy_pass http://wger;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
        proxy_redirect off;
    }
    location /static/ {
        alias /wger/static/;
    }
    location /media/ {
        alias /wger/media/;
    }
    # Increase max body size to allow for video uploads
    client_max_body_size 1000M;
}
```
The prod.env file:
```
# Django's secret key, change to a 50 character random string if you are running
# this instance publicly. For an online generator, see e.g. https://djecrety.ir/
SECRET_KEY=a50charactersecretkey
# Signing key used for JWT, use something different than the secret key
SIGNING_KEY=a50charactersecretkey
# The 'from' address used when sending emails
FROM_EMAIL=info@super.org.za
# The server's timezone, for a list of possible names:
# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TIME_ZONE=Africa/Johannesburg
#
# Consult the deployment section in the readme if you are running this behind a
# reverse proxy with HTTPS enabled
#
# CSRF_TRUSTED_ORIGINS=https://my.domain.example.com,https://118.999.881.119
# X_FORWARDED_PROTO_HEADER_SET=True
#
# These settings usually don't need changing
#
#
# Application
ALLOW_REGISTRATION=True
ALLOW_GUEST_USERS=True
ALLOW_UPLOAD_VIDEOS=True
# Users won't be able to contribute to exercises if their account age is
# lower than this amount in days.
MIN_ACCOUNT_AGE_TO_TRUST=21
# Note that setting these to true will always perform a sync during startup,
# even if the data is already current and will take some time. Usually you don't
# need to perform these steps so often and a manual trigger (see README) is
# usually enough.
SYNC_EXERCISES_ON_STARTUP=True
DOWNLOAD_EXERCISE_IMAGES_ON_STARTUP=True
#
# Database
DJANGO_DB_ENGINE=django.db.backends.postgresql
DJANGO_DB_DATABASE=wger
DJANGO_DB_USER=wger
DJANGO_DB_PASSWORD=passwordimadeup
DJANGO_DB_HOST=db
DJANGO_DB_PORT=5432
# Perform any new database migrations on startup
DJANGO_PERFORM_MIGRATIONS=True
#
# Cache
DJANGO_CACHE_BACKEND=django_redis.cache.RedisCache
DJANGO_CACHE_LOCATION=redis://cache:6379/1
# 60*60*24*15, 15 Days
DJANGO_CACHE_TIMEOUT=12
DJANGO_CACHE_CLIENT_CLASS=django_redis.client.DefaultClient
#
# Brute force login attacks
# https://django-axes.readthedocs.io/en/latest/index.html
AXES_ENABLED=True
AXES_FAILURE_LIMIT=10
# in minutes
AXES_COOLOFF_TIME=30
AXES_HANDLER=axes.handlers.cache.AxesCacheHandler
#
# Others
DJANGO_DEBUG=True
WGER_USE_GUNICORN=True
EXERCISE_CACHE_TTL=10
SITE_URL=https://mywebsiteurl
#
# JWT auth
# The lifetime duration of the access token, in minutes
ACCESS_TOKEN_LIFETIME=10
# The lifetime duration of the refresh token, in hours
REFRESH_TOKEN_LIFETIME=24
#
# Other possible settings
# RECAPTCHA_PUBLIC_KEY
# RECAPTCHA_PRIVATE_KEY
# NOCAPTCHA
# https://docs.djangoproject.com/en/4.1/topics/email/#smtp-backend
# ENABLE_EMAIL
# EMAIL_HOST
# EMAIL_PORT
# EMAIL_HOST_USER
# EMAIL_HOST_PASSWORD
# EMAIL_USE_TLS
# EMAIL_USE_SSL
# DJANGO_MEDIA_ROOT
# DJANGO_STATIC_ROOT
```
wger server container logs:
```
Set site URL to https://URL
Using gunicorn...
[2023-01-03 13:11:02 +0000] [116] [INFO] Starting gunicorn 20.1.0
[2023-01-03 13:11:02 +0000] [116] [INFO] Listening at: http://0.0.0.0:8000 (116)
[2023-01-03 13:11:02 +0000] [116] [INFO] Using worker: sync
[2023-01-03 13:11:02 +0000] [117] [INFO] Booting worker with pid: 117
Forbidden (Origin checking failed - https://URL does not match any trusted origins.): /en/user/login
```
wger db container logs:
```
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.
The database cluster will be initialized with locale "en_US.utf8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".
Data page checksums are disabled.
fixing permissions on existing directory /var/lib/postgresql/data ... ok
creating subdirectories ... ok
selecting dynamic shared memory implementation ... posix
selecting default max_connections ... 100
selecting default shared_buffers ... 128MB
selecting default time zone ... UTC
creating configuration files ... ok
running bootstrap script ... ok
sh: locale: not found
2023-01-03 12:47:18.721 UTC [30] WARNING: no usable system locales were found
performing post-bootstrap initialization ... ok
syncing data to disk ... ok
initdb: warning: enabling "trust" authentication for local connections
You can change this by editing pg_hba.conf or using the option -A, or
--auth-local and --auth-host, the next time you run initdb.
Success. You can now start the database server using:
pg_ctl -D /var/lib/postgresql/data -l logfile start
waiting for server to start....2023-01-03 12:47:20.257 UTC [36] LOG: starting PostgreSQL 12.13 on x86_64-pc-linux-musl, compiled by gcc (Alpine 12.2.1_git20220924-r4) 12.2.1 20220924, 64-bit
2023-01-03 12:47:20.260 UTC [36] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2023-01-03 12:47:20.299 UTC [37] LOG: database system was shut down at 2023-01-03 12:47:19 UTC
2023-01-03 12:47:20.307 UTC [36] LOG: database system is ready to accept connections
done
server started
CREATE DATABASE
/usr/local/bin/docker-entrypoint.sh: ignoring /docker-entrypoint-initdb.d/*
2023-01-03 12:47:20.754 UTC [36] LOG: received fast shutdown request
waiting for server to shut down....2023-01-03 12:47:20.757 UTC [36] LOG: aborting any active transactions
2023-01-03 12:47:20.760 UTC [36] LOG: background worker "logical replication launcher" (PID 43) exited with exit code 1
2023-01-03 12:47:20.763 UTC [38] LOG: shutting down
2023-01-03 12:47:20.787 UTC [36] LOG: database system is shut down
done
server stopped
PostgreSQL init process complete; ready for start up.
2023-01-03 12:47:20.883 UTC [1] LOG: starting PostgreSQL 12.13 on x86_64-pc-linux-musl, compiled by gcc (Alpine 12.2.1_git20220924-r4) 12.2.1 20220924, 64-bit
2023-01-03 12:47:20.883 UTC [1] LOG: listening on IPv4 address "0.0.0.0", port 5432
2023-01-03 12:47:20.883 UTC [1] LOG: listening on IPv6 address "::", port 5432
2023-01-03 12:47:20.892 UTC [1] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2023-01-03 12:47:20.950 UTC [51] LOG: database system was shut down at 2023-01-03 12:47:20 UTC
2023-01-03 12:47:20.979 UTC [1] LOG: database system is ready to accept connections
2023-01-03 12:47:31.513 UTC [65] ERROR: relation "auth_user" does not exist at character 35
2023-01-03 12:47:31.513 UTC [65] STATEMENT: SELECT COUNT(*) AS "__count" FROM "auth_user"
```
PLEASE HELP!
This was introduced with the update to Django 4.0 (wger-project/wger#1203) and unfortunately we can't automatically avoid this. The good news is that this is only a single config change, just add to the env file `CSRF_TRUSTED_ORIGINS=https://fit.super.org.za` and any other domains and IPs, etc. under which the application should be reached (there's a bit more info in the readme now).
Unfortunately I'm running into this issue as well, simply for having changed the HTTP port from 80. I run many services on my machine, which I only access through a secure VPN, so I do not desire HTTPS nor a reverse proxy.
It is most convenient when docker images don't assume to be externally accessed from port 80. In the docker compose, normally I expect that changing "80:80" to "<available-port>:80" won't cause issues. Wger is far from the first to misbehave when I do this, though :)
I tried following the instructions in the readme, but since I am not running a reverse proxy, they do not work for me.
Sadly there isn't much we can do. You say that adding your IP/port, etc. to the setting doesn't work? You can also change the debug setting to true, then it will show you which origin it has problems with (I also think this is shown in the logs as well, but I'm not completely sure).
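To see which `CSRF_TRUSTED_ORIGINS` entry a given setup needs, the origin comparison discussed in this thread can be modelled in a few lines. This is an added example, not code from Django or wger: a simplified re-implementation of the Django 4.x check, where the `192.0.2.10` address and port are constructed values and `is_secure` stands for whether Django itself treats the proxied request as HTTPS.

```python
from urllib.parse import urlsplit


def parse_env(value):
    """Split a comma-separated CSRF_TRUSTED_ORIGINS value, as in the env file."""
    return [item.strip() for item in value.split(",") if item.strip()]


def origin_verified(origin, host, is_secure, trusted):
    """Simplified model of Django 4.x's Origin check for POST requests.

    origin    -- Origin header sent by the browser
    host      -- Host header as Django receives it from the proxy
    is_secure -- True only if Django itself considers the request HTTPS
    trusted   -- list produced by parse_env()
    """
    # 1. Origin that Django reconstructs from its own view of the request.
    if origin == f"{'https' if is_secure else 'http'}://{host}":
        return True
    # 2. Exact entries: scheme, host and port must match character for character.
    if origin in (t for t in trusted if "*" not in t):
        return True
    # 3. Wildcard entries such as https://*.example.com (scheme must match too).
    parsed = urlsplit(origin)
    for entry in (t for t in trusted if "*" in t):
        pattern = urlsplit(entry)
        suffix = pattern.netloc.lstrip("*").lower()  # "*.example.com" -> ".example.com"
        if parsed.scheme == pattern.scheme and (
            parsed.netloc.endswith(suffix) or parsed.netloc == suffix[1:]
        ):
            return True
    return False


# Constructed cases: (Origin, Host seen by Django, is_secure, env value, expected)
CASES = [
    # TLS ends in front of Django, which sees plain HTTP: the error in the issue.
    ("https://fit.super.org.za", "fit.super.org.za", False, "", False),
    ("https://fit.super.org.za", "fit.super.org.za", False, "https://fit.super.org.za", True),
    # Django 4.0 requires the scheme; a bare hostname does not match.
    ("https://fit.super.org.za", "fit.super.org.za", False, "fit.super.org.za", False),
    # Non-default port, Host forwarded without it (nginx $host drops the port).
    ("http://192.0.2.10:8080", "192.0.2.10", False, "http://192.0.2.10", False),
    ("http://192.0.2.10:8080", "192.0.2.10", False, "http://192.0.2.10:8080", True),
]

if __name__ == "__main__":
    for origin, host, secure, env, expected in CASES:
        result = origin_verified(origin, host, secure, parse_env(env))
        print(f"{origin:28} CSRF_TRUSTED_ORIGINS={env or '(unset)':26} -> {result}")
        assert result == expected
```

The entry has to be the full origin the browser sends, including scheme and any non-default port, so list only the exact origins the instance is actually reached under.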