authentik icon indicating copy to clipboard operation
authentik copied to clipboard

Published 20 hours ago verified publisher icon goauthentik

Cannot Send User Recover Email

Open whitephoenix117 opened this issue 1 year ago • 8 comments

Describe the bug

  • When clicking "Email Recovery Link" from user's, no email is sent
  • Running test email with global settings is successful (ak test_email [address])

To Reproduce Steps to reproduce the behavior: See screenshot

Expected behavior Email is sent.

Screenshots Screenshot 2024-01-02 at 22 26 39

Logs

{"event": "Task authentik.stages.email.tasks.send_mail[802d3516-a5c6-435c-ac83-71c46a1165ec] raised unexpected: OSError(99, 'Cannot assign requested address')"
	, "exception": [
		{"exc_type": "OSError", "exc_value": "[Errno 99] Cannot assign requested address"
			, "frames": [
				{"filename": "/ak-root/venv/lib/python3.11/site-packages/celery/app/trace.py", "line": "", "lineno": 477, "locals": {}, "name": "trace_task"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/sentry_sdk/integrations/celery.py", "line": "", "lineno": 280, "locals": {}, "name": "_inner"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/sentry_sdk/_compat.py", "line": "", "lineno": 115, "locals": {}, "name": "reraise"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/sentry_sdk/integrations/celery.py", "line": "", "lineno": 275, "locals": {}, "name": "_inner"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/celery/app/trace.py", "line": "", "lineno": 760, "locals": {}, "name": "__protected_call__"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/celery/app/autoretry.py", "line": "", "lineno": 60, "locals": {}, "name": "run"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/celery/app/task.py", "line": "", "lineno": 736, "locals": {}, "name": "retry"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/celery/app/autoretry.py", "line": "", "lineno": 38, "locals": {}, "name": "run"}
				, {"filename": "/authentik/stages/email/tasks.py", "line": "", "lineno": 108, "locals": {}, "name": "send_mail"}
				, {"filename": "/authentik/stages/email/tasks.py", "line": "", "lineno": 74, "locals": {}, "name": "send_mail"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/django/core/mail/backends/smtp.py", "line": "", "lineno": 85, "locals": {}, "name": "open"}
				, {"filename": "/usr/local/lib/python3.11/smtplib.py", "line": "", "lineno": 255, "locals": {}, "name": "__init__"}
				, {"filename": "/usr/local/lib/python3.11/smtplib.py", "line": "", "lineno": 341, "locals": {}, "name": "connect"}
				, {"filename": "/usr/local/lib/python3.11/smtplib.py", "line": "", "lineno": 312, "locals": {}, "name": "_get_socket"}
				, {"filename": "/ak-root/venv/lib/python3.11/site-packages/sentry_sdk/integrations/socket.py", "line": "", "lineno": 66, "locals": {}, "name": "create_connection"}
				, {"filename": "/usr/local/lib/python3.11/socket.py", "line": "", "lineno": 851, "locals": {}, "name": "create_connection"}
				, {"filename": "/usr/local/lib/python3.11/socket.py", "line": "", "lineno": 836, "locals": {}, "name": "create_connection"}]
		, "is_cause": false, "syntax_error": null}
	]
, "level": "error", "logger": "celery.app.trace", "timestamp": 1704251501.833631}

Version and Deployment (please complete the following information):

  • authentik version: [2023.10.5]
  • Deployment: [Docker/ Unraid (CA apps)]

Additional context

Running test email with global settings is successful (ak test_email [address]) Not sure whats actually being passed to python, I presume not what set in .env

Connect to *address* (a 2-tuple ``(host,port)``) and return the socket object.

from: https://github.com/python/cpython/blob/3.11/Lib/socket.py#L836

.env AUTHENTIK_EMAIL__USERNAME: [email protected] AUTHENTIK_EMAIL__HOST: smtp.gmail.com AUTHENTIK_EMAIL__HOST: 587 AUTHENTIK_EMAIL__USE_TLS: true AUTHENTIK_EMAIL__PASSWORD: **** AUTHENTIK_EMAIL__FROM: [email protected]

whitephoenix117 avatar Jan 03 '24 03:01 whitephoenix117

Can confirm this is happening on my install as well. Authentik 2023.10.5 Deployment is docker-compose

Global email settings are working fine, running ak test_email [address] with the -s flag and specifying the default-recovery-email as the stage also sends the email correctly, as well as requesting one via the password reset ui. Only when clicking the "Email recovery link" in the admin dashboard the request to the api fails with a 404 error.

Below are the 2 requests in comparison: Clicking the button in the admin interface:

https://[ADDRESS]/api/v3/core/users/5/recovery_email/?email_stage=7701afe7-0186-4d5e-bea3-170c10c24c25

-> 404 Requesting a password reset via the "forgot my password" ui:

https://[ADDRESS]/api/v3/flows/executor/default-recovery-flow/?query=

-> 200

The only thing that is different on my install is that the "Email successfully sent" popup never shows, the confirm button just turns red.

DeinAlbtraumTV avatar Jan 08 '24 21:01 DeinAlbtraumTV

Facing Same issue here, getting 404

image

No response body, no error in logs @BeryJu Please look into this

roney492 avatar Feb 14 '24 16:02 roney492

upon further investigation got to this, auth_via=api_token event=No recovery flow in the logs,

roney492 avatar Feb 14 '24 17:02 roney492

Fixed the Issue by Setting default Recovery flow in Tenant Settings.

roney492 avatar Feb 14 '24 17:02 roney492

Fixed the Issue by Setting default Recovery flow in Tenant Settings.

Thanks for this, for anyone struggling with this its under System > Brands > [authentik-default] > Default Flows > Recovery Flow

nbx3 avatar Mar 13 '24 21:03 nbx3

Personally I don't want a default recovery flow. I want users o need to ask me to personally reset their accounts.

Is this not how the admin triggered email is intended to work?

On Wed, Mar 13, 2024, 17:00 Nick Byrne @.***> wrote:

Fixed the Issue by Setting default Recovery flow in Tenant Settings.

Thanks for this, for anyone struggling with this its under System > Brands

[authentik-default] > Default Flows > Recovery Flow

— Reply to this email directly, view it on GitHub https://github.com/goauthentik/authentik/issues/8049#issuecomment-1995796174, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACOBE6KL3TXCJ6JKFQMU7BDYYC463AVCNFSM6AAAAABBK3TBROVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOJVG44TMMJXGQ . You are receiving this because you authored the thread.Message ID: @.***>

whitephoenix117 avatar Mar 13 '24 21:03 whitephoenix117

Personally I don't want a default recovery flow. I want users o need to ask me to personally reset their accounts. Is this not how the admin triggered email is intended to work? On Wed, Mar 13, 2024, 17:00 Nick Byrne @.> wrote: Fixed the Issue by Setting default Recovery flow in Tenant Settings. Thanks for this, for anyone struggling with this its under System > Brands > [authentik-default] > Default Flows > Recovery Flow — Reply to this email directly, view it on GitHub <#8049 (comment)>, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACOBE6KL3TXCJ6JKFQMU7BDYYC463AVCNFSM6AAAAABBK3TBROVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOJVG44TMMJXGQ . You are receiving this because you authored the thread.Message ID: @.>

What @roney492 meant in his response was that in order to get any email actually sent out when admin clicks the email recovery button, you have to go and set the "default recovery flow' in the brand/tenant. If you don't set it, then you get a 404 error in the logs when you click "Send link" and you dont get the success bubble in the gui with "Successfully sent email".

nbx3 avatar Mar 14 '24 16:03 nbx3

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

authentik-automation[bot] avatar May 14 '24 01:05 authentik-automation[bot]