chainlit icon indicating copy to clipboard operation
chainlit copied to clipboard

Published 20 hours ago verified publisher icon Chainlit

Authentication Failure in Copilot Mode: Missing Headers

Open lianghsun opened this issue 4 months ago • 2 comments

I've been considering that anything related to tokens would likely utilize header_auth_callback(headers: Dict). I attempted to create a mock login (which guarantees authentication success regardless of the situation) to capture headers sent by the nginx reverse proxy. This approach works in app mode, but fails to receive headers in copilot mode, as illustrated in the attached screenshot:

mock login 截圖 2024-02-27 上午10 50 02

App mode do return headers 截圖 2024-02-27 上午11 06 08

Using the developer tools, I noticed an error message at index.js:78, indicating an unauthorized access attempt:

GET http://localhost:8889/project/settings?language=zh-TW 401 (Unauthorized)

Copilot mode 截圖 2024-02-27 上午10 49 19

App mode 截圖 2024-02-27 上午10 49 01

This issue does not occur in app mode, only in copilot mode. The current problem is that I intend to use headers for authentication in copilot, but the server side does not receive any headers, thus failing to verify identity. Even with mock login (which should ensure authentication success), my simple HTML page displays an unauthorized access error.

Could you advise on how to resolve this issue? Thank you.

lianghsun avatar Feb 27 '24 03:02 lianghsun