Invalid token error when trying to login node-red

faisalchishti · 10 July 2020 11:52

Node-RED: v1.0.6
Node: v10.20.1
OS: Linux xxxxxxxx 3.10.0-514.10.2.el7.x86_64 #1 SMP Thu Mar 2 11:35:29 PST 2017 x86_64 x86_64 x86_64 GNU/Linux

It is worthwhile to note that I am using Docker and persisting node-red data in /data directory. i.e. The settings.js and other files are on the host (/data directory - which is mounted to node-red container /data).

Some background: We make use of Node-RED to create backend APIs for one of our web applications i.e. Node-RED is the backend for our Angular app.

I am able to set up auth using bcrypt and adminAuth setting in the settings.js file. I can login to Node-RED here. Now I want to push these changes to multiple other servers.

I do a docker commit for the image and push the data from the volume (/data) in the form of a tar and push it to a registry. This image is extracted by other hosts that sort out the volume using the entrypoint of the docker image.

Problem: While the login works for the host where I set it up, it does not work for the other servers where I pushed the node-red containers.

I get below error in trace:

10/07/2020 17:05:3510 Jul 11:35:35 - [audit] {"event":"auth.invalid-token","level":98,"timestamp":1594380935483}

10/07/2020 17:06:1110 Jul 11:36:11 - [audit] {"event":"auth.login.fail.credentials","username":"admin","client":"node-red-editor","scope":"","level":98,"timestamp":1594380971194}

10/07/2020 17:10:0210 Jul 11:40:02 - [audit] {"event":"auth.invalid-token","level":98,"timestamp":1594381202139}

10/07/2020 17:19:4010 Jul 11:49:40 - [audit] {"event":"auth.login","username":"admin","client":"node-red-editor","scope":"*","level":98,"timestamp":1594381780401}

I do not get a 'Login failed' message. It just attempts to log in and then comes back to login screen.

faisalchishti · 11 July 2020 08:03

UPDATE: I tried to change the auth from hardcoded value to custom authentication. It seems like a token issue. Here a the errors from my custom login:

11/07/2020 13:27:0611 Jul 07:57:06 - [audit] {"event":"auth.invalid-token","level":98,"timestamp":1594454226435}
11/07/2020 13:27:17Logged In // This is a custom message from my custom login
11/07/2020 13:27:1711 Jul 07:57:17 - [audit] {"event":"auth.login","username":"123456789","client":"node-red-editor","scope":"*","level":98,"timestamp":1594454237413}

I am guessing it has something to do with getting or storing tokens. Any help with this appreciated.

The UI does not display any error at the Login screen. It just appears to attempt to login and gets back to login screen.

avinashchuahan · 15 July 2020 08:10

I am also facing same kind of problem.Have you found any solution so far?

faisalchishti · 15 July 2020 19:19

I did manage to identify the issue. In my case, we were pushing the images to multiple servers that were load balanced using HAProxy. So, when we attempt to login Node-RED, it autheticates, saves the session in a file on the filesystem, then does a get call to retrieve the session. Since we have it load balance in round-robin fashion, the get request goes to the next available server (where i cannot find the session). So in this case, one solution is to enable sticky sessions on HAProxy using cookies.

avinashchuahan · 16 July 2020 07:52

Hi,
thanks for the response . I will have to figure out my problem.It looks different with same error message.

faisalchishti · 16 July 2020 08:35

Are you sure you’ve updated the right settings file? Are file system permissions for the node-red user correct? Does the .sessions.json file get updated when you attempt logging in?

avinashchuahan · 16 July 2020 09:08

=>Below id the index file of my NODE-RED Application

Please check if that helps.

avinashchuahan · 16 July 2020 09:09

knolleary · 16 July 2020 09:15

@avinashchuahan pasting lots of screenshots of code does not help.

I can now see you are doing this on IBM Cloud - I've already responded to your other thread with some questions for you to answer.

To save me having to do a line-by-line comparison, have you modified this code at all from what the IBM Cloud Node-RED starter kits gives you to begin with?

avinashchuahan · 16 July 2020 09:23

I have not done any modification to this file.I tried restarting the node-red Application and saw the logs.
Everything looks fine.

It's like when I am giving the Login credential problem arises.
thanks

knolleary · 16 July 2020 09:25

And have you set the NODE_RED_USERNAME and NODE_RED_PASSWORD environment variables, or are you using the credentials you provided to the setup screens you were shown when you first accessed the application?

avinashchuahan · 16 July 2020 09:27

I have not used environment variable.It's the same way I provided during setup.

system · 30 July 2020 09:27

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Node-RED Won't Start - ERR_INVALID_CALLBACK General docker	3	112	11 August 2024
Email Node - Login fails on some servers General	1	321	7 December 2020
Context file in node red docker General docker	3	30	12 December 2024
Can't do auth Setting in Nodered running on LAN network General node-red-dashboard , security , docker	3	215	15 December 2022
Docker logging says Node-Red 'server now running at ...' but i cannot reach it with browser General docker	5	417	16 December 2022

Invalid token error when trying to login node-red

Related topics