goauthentik
Authentik broken after upgrade to version 2024.4.0: Unauthenticated after login
Describe the bug
When I call up Authentik, I get to /if/flow/default-authentication-flow/. Here I log in normally. I am then redirected to the dashboard, but nothing loads. The browser console shows that the API cannot be called because I have no access authorizations (forbidden).
Also, the title of the page when I log in is now Welcome to authentik!. I had changed this before the upgrade
To Reproduce Steps to reproduce the behavior:
- Upgrade from version 2024.2.3 to version 2024.4.0
- Call up Authentik in the web browser
- Log in
- Dashboard opens but does not load
Expected behavior Dashboard loads and I am authorized to access the API
Screenshots
Logs
No errors or anything, just this the whole time:
auth_authentik-server | {"auth_via": "unauthenticated", "domain_url": "0.0.0.0", "event": "/-/health/live/", "host": "0.0.0.0:9000", "level": "info", "logger": "authentik.asgi", "method": "HEAD", "pid": 52, "remote": "127.0.0.1", "request_id": "7d8f08a2b905458f9818e0bfae8bacda", "runtime": 26, "schema_name": "public", "scheme": "http", "status": 204, "timestamp": "2024-04-26T07:31:57.035817", "user": "", "user_agent": "goauthentik.io/healthcheck"}
auth_authentik-worker | {"event": "TenantAwareScheduler: Sending due task clean_expired_models (authentik.core.tasks.clean_expired_models) to all tenants", "level": "info", "logger": "tenant_schemas_celery.scheduler", "timestamp": 1714116720.0116613}
auth_authentik-server | {"auth_via": "unauthenticated", "domain_url": "0.0.0.0", "event": "/-/health/live/", "host": "0.0.0.0:9000", "level": "info", "logger": "authentik.asgi", "method": "HEAD", "pid": 52, "remote": "127.0.0.1", "request_id": "1d08d6cb571a4345b688bd616f416f9c", "runtime": 32, "schema_name": "public", "scheme": "http", "status": 204, "timestamp": "2024-04-26T07:32:27.281937", "user": "", "user_agent": "goauthentik.io/healthcheck"}
Version and Deployment:
- authentik version: 2024.4.0 (Downgrade and dev-server:gh-version-2024.4 were tried after upgrade)
- Deployment: docker-compose
Additional context
- I use authentik behind traefik. With traefik I have various middlewares (e.g. a WAF), which I have also deactivated, but the error still occurs
The browser console log
Navigated to https://identity.my.domain/if/flow/default-authentication-flow/?next=%2F
config.ts:89 authentik(early): version 2024.4.0, apiBase https://identity.my.domain/api/v3
config.ts:89 authentik(early): version 2024.4.0, apiBase https://identity.my.domain/api/v3
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/core/brands/current/
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/root/config/
ws.ts:29 authentik/ws: connected to wss://identity.my.domain/ws/client/
ak-locale-context.ts:81 Setting Locale to ... German (de)
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/root/config/
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/flows/executor/default-authentication-flow/?query=next%3D%252F
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/core/brands/current/
CaptchaStage.ts:57 authentik/stages/captcha: script loaded
CaptchaStage.ts:63 authentik/stages/captcha[handleGReCaptcha]: trying handler
CaptchaStage.ts:63 authentik/stages/captcha[handleHCaptcha]: trying handler
CaptchaStage.ts:66 authentik/stages/captcha[handleHCaptcha]: handler succeeded
CaptchaStage.ts:63 authentik/stages/captcha[handleTurnstile]: trying handler
challenge.js:2 Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
D.getImageData @ challenge.js:2
(anonymous) @ challenge.js:2
Promise.then (async)
D.createTask @ challenge.js:2
U.submit @ challenge.js:2
(anonymous) @ hcaptcha.js:3
i.submit @ hcaptcha.js:3
y @ hcaptcha.js:3
ai.emit @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
ie.emit @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
ie.emit @ hcaptcha.js:3
to.onSelect @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
challenge.js:2 Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
D.getImageData @ challenge.js:2
(anonymous) @ challenge.js:2
Promise.then (async)
D.createTask @ challenge.js:2
U.submit @ challenge.js:2
(anonymous) @ hcaptcha.js:3
i.submit @ hcaptcha.js:3
y @ hcaptcha.js:3
ai.emit @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
ie.emit @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
ie.emit @ hcaptcha.js:3
to.onSelect @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
middleware.ts:34 authentik/api[my.domain]: 200 POST https://identity.my.domain/api/v3/flows/executor/default-authentication-flow/?query=next%3D%252F
middleware.ts:34 authentik/api[my.domain]: 200 POST https://identity.my.domain/api/v3/flows/executor/default-authentication-flow/?query=next%3D%252F
CaptchaStage.ts:57 authentik/stages/captcha: script loaded
CaptchaStage.ts:63 authentik/stages/captcha[handleGReCaptcha]: trying handler
CaptchaStage.ts:72 authentik/stages/captcha[handleGReCaptcha]: handler failed: TypeError: grecaptcha.ready is not a function
CaptchaStage.ts:63 authentik/stages/captcha[handleHCaptcha]: trying handler
CaptchaStage.ts:66 authentik/stages/captcha[handleHCaptcha]: handler succeeded
CaptchaStage.ts:63 authentik/stages/captcha[handleTurnstile]: trying handler
challenge.js:2 Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
D.getImageData @ challenge.js:2
(anonymous) @ challenge.js:2
Promise.then (async)
D.createTask @ challenge.js:2
U.submit @ challenge.js:2
(anonymous) @ hcaptcha.js:3
i.submit @ hcaptcha.js:3
y @ hcaptcha.js:3
ai.emit @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
ie.emit @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
ie.emit @ hcaptcha.js:3
to.onSelect @ hcaptcha.js:3
(anonymous) @ hcaptcha.js:3
middleware.ts:34 authentik/api[my.domain]: 200 POST https://identity.my.domain/api/v3/flows/executor/default-authentication-flow/?query=next%3D%252F
middleware.ts:34 authentik/api[my.domain]: 200 POST https://identity.my.domain/api/v3/flows/executor/default-authentication-flow/?query=next%3D%252F
RedirectStage.ts:48 authentik/stages/redirect: redirecting to url from server /
Navigated to https://identity.my.domain/if/user/
config.ts:89 authentik(early): version 2024.4.0, apiBase https://identity.my.domain/api/v3
chunk-3LACX4IT.js:sourcemap:1 authentik(early): version 2024.4.0, apiBase https://identity.my.domain/api/v3
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/root/config/
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/core/brands/current/
ws.ts:29 authentik/ws: connected to wss://identity.my.domain/ws/client/
chunk-3LACX4IT.js:sourcemap:1 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/root/config/
chunk-3LACX4IT.js:sourcemap:1 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/core/brands/current/
chunk-3LACX4IT.js:sourcemap:1
GET https://identity.my.domain/api/v3/core/users/me/ 403 (Forbidden)
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
p @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
wt @ chunk-3LACX4IT.js:sourcemap:1
fetchApi @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
p @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
wt @ chunk-3LACX4IT.js:sourcemap:1
request @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
g @ chunk-3LACX4IT.js:sourcemap:1
coreUsersMeRetrieveRaw @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
g @ chunk-3LACX4IT.js:sourcemap:1
coreUsersMeRetrieve @ chunk-3LACX4IT.js:sourcemap:1
fr @ chunk-3LACX4IT.js:sourcemap:1
fetchConfigurationDetails @ UserInterface.ts:441
ve @ UserInterface.ts:405
(anonymous) @ chunk-3LACX4IT.js:sourcemap:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.ts:387
chunk-3LACX4IT.js:sourcemap:1 authentik/api[my.domain]: 403 GET https://identity.my.domain/api/v3/core/users/me/
RouterOutlet.ts:88 authentik/router: defaulted URL to #/library
chunk-3LACX4IT.js:sourcemap:1
GET https://identity.my.domain/api/v3/enterprise/license/summary/ 403 (Forbidden)
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
p @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
wt @ chunk-3LACX4IT.js:sourcemap:1
fetchApi @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
p @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
wt @ chunk-3LACX4IT.js:sourcemap:1
request @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ EnterpriseApi.js:297
(anonymous) @ EnterpriseApi.js:20
L @ EnterpriseApi.js:16
enterpriseLicenseSummaryRetrieveRaw @ EnterpriseApi.js:287
(anonymous) @ EnterpriseApi.js:311
(anonymous) @ EnterpriseApi.js:20
L @ EnterpriseApi.js:16
enterpriseLicenseSummaryRetrieve @ EnterpriseApi.js:310
fetch @ EnterpriseContextController.ts:31
Nt @ EnterpriseContextController.ts:27
Ke @ Interface.ts:80
ve @ UserInterface.ts:403
(anonymous) @ chunk-3LACX4IT.js:sourcemap:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.ts:387
chunk-3LACX4IT.js:sourcemap:1 authentik/api[my.domain]: 403 GET https://identity.my.domain/api/v3/enterprise/license/summary/
RouterOutlet.ts:98 authentik/router: found match Id {route: ae, arguments: {…}, fullUrl: '/library'}
chunk-3LACX4IT.js:sourcemap:1 Uncaught (in promise) ResponseError: Response returned an error code
at Et. (/static/dist/user/chunk-3LACX4IT.js:1:2970)
at Generator.next ()
at c (/static/dist/user/chunk-3LACX4IT.js:1:742)
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
fetch @ EnterpriseContextController.ts:31
Nt @ EnterpriseContextController.ts:27
Ke @ Interface.ts:80
ve @ UserInterface.ts:403
(anonymous) @ chunk-3LACX4IT.js:sourcemap:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.ts:387
ak-locale-context.ts:81 Setting Locale to ... German (de)
chunk-3LACX4IT.js:sourcemap:1
GET https://identity.my.domain/api/v3/events/notifications/?ordering=-created&page_size=1&seen=false&user=-1 403 (Forbidden)
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
p @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
wt @ chunk-3LACX4IT.js:sourcemap:1
fetchApi @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
p @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
wt @ chunk-3LACX4IT.js:sourcemap:1
request @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ EventsApi.js:528
(anonymous) @ EventsApi.js:20
m @ EventsApi.js:16
eventsNotificationsListRaw @ EventsApi.js:488
(anonymous) @ EventsApi.js:542
(anonymous) @ EventsApi.js:20
m @ EventsApi.js:16
eventsNotificationsList @ EventsApi.js:541
(anonymous) @ UserInterface.ts:444
Promise.then (async)
fetchConfigurationDetails @ UserInterface.ts:441
ve @ UserInterface.ts:405
(anonymous) @ chunk-3LACX4IT.js:sourcemap:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.ts:387
chunk-3LACX4IT.js:sourcemap:1 authentik/api[my.domain]: 403 GET https://identity.my.domain/api/v3/events/notifications/?ordering=-created&page_size=1&seen=false&user=-1
chunk-3LACX4IT.js:sourcemap:1 Uncaught (in promise) ResponseError: Response returned an error code
at me. (/static/dist/user/chunk-3LACX4IT.js:1:2970)
at Generator.next ()
at c (/static/dist/user/chunk-3LACX4IT.js:1:742)
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
(anonymous) @ UserInterface.ts:450
Promise.then (async)
fetchConfigurationDetails @ UserInterface.ts:441
ve @ UserInterface.ts:405
(anonymous) @ chunk-3LACX4IT.js:sourcemap:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.ts:387
chunk-3LACX4IT.js:sourcemap:1
GET https://identity.my.domain/api/v3/core/applications/?ordering=name&page=1&page_size=100 403 (Forbidden)
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
p @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
wt @ chunk-3LACX4IT.js:sourcemap:1
fetchApi @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
p @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
wt @ chunk-3LACX4IT.js:sourcemap:1
request @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
g @ chunk-3LACX4IT.js:sourcemap:1
coreApplicationsListRaw @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
g @ chunk-3LACX4IT.js:sourcemap:1
coreApplicationsList @ chunk-3LACX4IT.js:sourcemap:1
fetchApplications @ LibraryPage.ts:71
ue @ LibraryPage.ts:57
u @ lit-html.ts:1178
$ @ lit-html.ts:1599
_$AI @ lit-html.ts:1435
setValue @ chunk-3LACX4IT.js:sourcemap:14326
(anonymous) @ chunk-3LACX4IT.js:sourcemap:14326
Promise.then (async)
update @ chunk-3LACX4IT.js:sourcemap:14326
_$AS @ chunk-3LACX4IT.js:sourcemap:7824
S @ lit-html.ts:1134
_$AI @ lit-html.ts:1412
p @ lit-html.ts:1242
$ @ lit-html.ts:1596
_$AI @ lit-html.ts:1435
Ct @ lit-html.ts:2235
update @ lit-element.ts:163
performUpdate @ reactive-element.ts:1441
scheduleUpdate @ reactive-element.ts:1338
_$ET @ reactive-element.ts:1310
await in _$ET (async)
requestUpdate @ reactive-element.ts:1268
__litLocalizeEventHandler @ localized-controller.ts:22
ot @ runtime.ts:51
then.ot.status @ runtime.ts:145
Promise.then (async)
se @ runtime.ts:139
(anonymous) @ ak-locale-context.ts:82
Promise.then (async)
updateLocale @ ak-locale-context.ts:80
connectedCallback @ ak-locale-context.ts:59
S @ lit-html.ts:1462
T @ lit-html.ts:1506
$ @ lit-html.ts:1621
_$AI @ lit-html.ts:1435
Ct @ lit-html.ts:2235
update @ lit-element.ts:163
performUpdate @ reactive-element.ts:1441
scheduleUpdate @ reactive-element.ts:1338
_$ET @ reactive-element.ts:1310
await in _$ET (async)
requestUpdate @ reactive-element.ts:1268
_$Ev @ reactive-element.ts:1017
f @ reactive-element.ts:1000
C @ lit-element.ts:122
N @ chunk-3LACX4IT.js:sourcemap:514
Y @ UserInterface.ts:120
u @ lit-html.ts:1178
$ @ lit-html.ts:1599
_$AI @ lit-html.ts:1435
Ct @ lit-html.ts:2235
update @ lit-element.ts:163
performUpdate @ reactive-element.ts:1441
scheduleUpdate @ reactive-element.ts:1338
_$ET @ reactive-element.ts:1310
await in _$ET (async)
requestUpdate @ reactive-element.ts:1268
set @ reactive-element.ts:757
getTheme @ Interface.ts:60
await in getTheme (async)
_initTheme @ chunk-3LACX4IT.js:sourcemap:514
setInitialStyles @ chunk-3LACX4IT.js:sourcemap:514
createRenderRoot @ chunk-3LACX4IT.js:sourcemap:514
connectedCallback @ reactive-element.ts:1108
connectedCallback @ lit-element.ts:187
connectedCallback @ UserInterface.ts:413
(anonymous) @ chunk-3LACX4IT.js:sourcemap:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.ts:387
chunk-3LACX4IT.js:sourcemap:1 authentik/api[my.domain]: 403 GET https://identity.my.domain/api/v3/core/applications/?ordering=name&page=1&page_size=100
chunk-3LACX4IT.js:sourcemap:1 Uncaught (in promise) ResponseError: Response returned an error code
at ir. (/static/dist/user/chunk-3LACX4IT.js:1:2970)
at Generator.next ()
at c (/static/dist/user/chunk-3LACX4IT.js:1:742)
(anonymous) @ chunk-3LACX4IT.js:sourcemap:1
c @ chunk-3LACX4IT.js:sourcemap:1
Promise.then (async)
ue @ LibraryPage.ts:57
u @ lit-html.ts:1178
$ @ lit-html.ts:1599
_$AI @ lit-html.ts:1435
setValue @ chunk-3LACX4IT.js:sourcemap:14326
(anonymous) @ chunk-3LACX4IT.js:sourcemap:14326
Promise.then (async)
update @ chunk-3LACX4IT.js:sourcemap:14326
_$AS @ chunk-3LACX4IT.js:sourcemap:7824
S @ lit-html.ts:1134
_$AI @ lit-html.ts:1412
p @ lit-html.ts:1242
$ @ lit-html.ts:1596
_$AI @ lit-html.ts:1435
Ct @ lit-html.ts:2235
update @ lit-element.ts:163
performUpdate @ reactive-element.ts:1441
scheduleUpdate @ reactive-element.ts:1338
_$ET @ reactive-element.ts:1310
await in _$ET (async)
requestUpdate @ reactive-element.ts:1268
__litLocalizeEventHandler @ localized-controller.ts:22
ot @ runtime.ts:51
then.ot.status @ runtime.ts:145
Promise.then (async)
se @ runtime.ts:139
(anonymous) @ ak-locale-context.ts:82
Promise.then (async)
updateLocale @ ak-locale-context.ts:80
connectedCallback @ ak-locale-context.ts:59
S @ lit-html.ts:1462
T @ lit-html.ts:1506
$ @ lit-html.ts:1621
_$AI @ lit-html.ts:1435
Ct @ lit-html.ts:2235
update @ lit-element.ts:163
performUpdate @ reactive-element.ts:1441
scheduleUpdate @ reactive-element.ts:1338
_$ET @ reactive-element.ts:1310
await in _$ET (async)
requestUpdate @ reactive-element.ts:1268
_$Ev @ reactive-element.ts:1017
f @ reactive-element.ts:1000
C @ lit-element.ts:122
N @ chunk-3LACX4IT.js:sourcemap:514
Y @ UserInterface.ts:120
u @ lit-html.ts:1178
$ @ lit-html.ts:1599
_$AI @ lit-html.ts:1435
Ct @ lit-html.ts:2235
update @ lit-element.ts:163
performUpdate @ reactive-element.ts:1441
scheduleUpdate @ reactive-element.ts:1338
_$ET @ reactive-element.ts:1310
await in _$ET (async)
requestUpdate @ reactive-element.ts:1268
set @ reactive-element.ts:757
getTheme @ Interface.ts:60
await in getTheme (async)
_initTheme @ chunk-3LACX4IT.js:sourcemap:514
setInitialStyles @ chunk-3LACX4IT.js:sourcemap:514
createRenderRoot @ chunk-3LACX4IT.js:sourcemap:514
connectedCallback @ reactive-element.ts:1108
connectedCallback @ lit-element.ts:187
connectedCallback @ UserInterface.ts:413
(anonymous) @ chunk-3LACX4IT.js:sourcemap:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.ts:387
GET https://identity.my.domain/api/v3/events/notifications/?ordering=-created&seen=false&user=-1 403 (Forbidden)
(anonymous) @ chunk-3LACX4IT.js:1
c @ chunk-3LACX4IT.js:1
Promise.then (async)
p @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
wt @ chunk-3LACX4IT.js:1
fetchApi @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
c @ chunk-3LACX4IT.js:1
Promise.then (async)
p @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
wt @ chunk-3LACX4IT.js:1
request @ chunk-3LACX4IT.js:1
(anonymous) @ UserInterface.js:1
(anonymous) @ UserInterface.js:1
m @ UserInterface.js:1
eventsNotificationsListRaw @ UserInterface.js:1
(anonymous) @ UserInterface.js:1
(anonymous) @ UserInterface.js:1
m @ UserInterface.js:1
eventsNotificationsList @ UserInterface.js:1
(anonymous) @ UserInterface.js:524
Promise.then (async)
firstUpdated @ UserInterface.js:524
_$AE @ chunk-D42R3GGE.js:1
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
_$Ev @ chunk-D42R3GGE.js:1
f @ chunk-D42R3GGE.js:1
C @ chunk-D42R3GGE.js:3
N @ chunk-3LACX4IT.js:514
et @ UserInterface.js:501
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
_$Ev @ chunk-D42R3GGE.js:1
f @ chunk-D42R3GGE.js:1
C @ chunk-D42R3GGE.js:3
N @ chunk-3LACX4IT.js:514
Y @ UserInterface.js:13571
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
set @ chunk-D42R3GGE.js:1
getTheme @ UserInterface.js:1
await in getTheme (async)
_initTheme @ chunk-3LACX4IT.js:514
setInitialStyles @ chunk-3LACX4IT.js:514
createRenderRoot @ chunk-3LACX4IT.js:514
connectedCallback @ chunk-D42R3GGE.js:1
connectedCallback @ chunk-D42R3GGE.js:3
connectedCallback @ UserInterface.js:13693
(anonymous) @ chunk-3LACX4IT.js:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.js:13700
authentik/api[my.domain]: 403 GET https://identity.my.domain/api/v3/events/notifications/?ordering=-created&seen=false&user=-1
chunk-3LACX4IT.js:1 Uncaught (in promise) ResponseError: Response returned an error code
at me. (/static/dist/user/chunk-3LACX4IT.js:1:2970)
at Generator.next ()
at c (/static/dist/user/chunk-3LACX4IT.js:1:742)
(anonymous) @ chunk-3LACX4IT.js:1
c @ chunk-3LACX4IT.js:1
Promise.then (async)
(anonymous) @ UserInterface.js:524
Promise.then (async)
firstUpdated @ UserInterface.js:524
_$AE @ chunk-D42R3GGE.js:1
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
_$Ev @ chunk-D42R3GGE.js:1
f @ chunk-D42R3GGE.js:1
C @ chunk-D42R3GGE.js:3
N @ chunk-3LACX4IT.js:514
et @ UserInterface.js:501
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
_$Ev @ chunk-D42R3GGE.js:1
f @ chunk-D42R3GGE.js:1
C @ chunk-D42R3GGE.js:3
N @ chunk-3LACX4IT.js:514
Y @ UserInterface.js:13571
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
set @ chunk-D42R3GGE.js:1
getTheme @ UserInterface.js:1
await in getTheme (async)
_initTheme @ chunk-3LACX4IT.js:514
setInitialStyles @ chunk-3LACX4IT.js:514
createRenderRoot @ chunk-3LACX4IT.js:514
connectedCallback @ chunk-D42R3GGE.js:1
connectedCallback @ chunk-D42R3GGE.js:3
connectedCallback @ UserInterface.js:13693
(anonymous) @ chunk-3LACX4IT.js:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.js:13700
GET https://identity.my.domain/api/v3/core/applications/?ordering=name&page=1&page_size=100 403 (Forbidden)
(anonymous) @ chunk-3LACX4IT.js:1
c @ chunk-3LACX4IT.js:1
Promise.then (async)
p @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
wt @ chunk-3LACX4IT.js:1
fetchApi @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
c @ chunk-3LACX4IT.js:1
Promise.then (async)
p @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
wt @ chunk-3LACX4IT.js:1
request @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
g @ chunk-3LACX4IT.js:1
coreApplicationsListRaw @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
(anonymous) @ chunk-3LACX4IT.js:1
g @ chunk-3LACX4IT.js:1
coreApplicationsList @ chunk-3LACX4IT.js:1
fetchApplications @ UserInterface.js:12548
ue @ UserInterface.js:12548
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
setValue @ chunk-3LACX4IT.js:14326
(anonymous) @ chunk-3LACX4IT.js:14326
Promise.then (async)
update @ chunk-3LACX4IT.js:14326
_$AS @ chunk-3LACX4IT.js:7824
S @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
p @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
set @ chunk-D42R3GGE.js:1
navigate @ UserInterface.js:616
(anonymous) @ UserInterface.js:607
hashchange (async)
navigate @ UserInterface.js:614
firstUpdated @ UserInterface.js:614
_$AE @ chunk-D42R3GGE.js:1
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
_$Ev @ chunk-D42R3GGE.js:1
f @ chunk-D42R3GGE.js:1
C @ chunk-D42R3GGE.js:3
N @ chunk-3LACX4IT.js:514
Le @ UserInterface.js:607
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
_$Ev @ chunk-D42R3GGE.js:1
f @ chunk-D42R3GGE.js:1
C @ chunk-D42R3GGE.js:3
N @ chunk-3LACX4IT.js:514
Y @ UserInterface.js:13571
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
set @ chunk-D42R3GGE.js:1
getTheme @ UserInterface.js:1
await in getTheme (async)
_initTheme @ chunk-3LACX4IT.js:514
setInitialStyles @ chunk-3LACX4IT.js:514
createRenderRoot @ chunk-3LACX4IT.js:514
connectedCallback @ chunk-D42R3GGE.js:1
connectedCallback @ chunk-D42R3GGE.js:3
connectedCallback @ UserInterface.js:13693
(anonymous) @ chunk-3LACX4IT.js:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.js:13700
authentik/api[my.domain]: 403 GET https://identity.my.domain/api/v3/core/applications/?ordering=name&page=1&page_size=100
chunk-3LACX4IT.js:1 Uncaught (in promise) ResponseError: Response returned an error code
at ir. (/static/dist/user/chunk-3LACX4IT.js:1:2970)
at Generator.next ()
at c (/static/dist/user/chunk-3LACX4IT.js:1:742)
(anonymous) @ chunk-3LACX4IT.js:1
c @ chunk-3LACX4IT.js:1
Promise.then (async)
ue @ UserInterface.js:12548
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
setValue @ chunk-3LACX4IT.js:14326
(anonymous) @ chunk-3LACX4IT.js:14326
Promise.then (async)
update @ chunk-3LACX4IT.js:14326
_$AS @ chunk-3LACX4IT.js:7824
S @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
p @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
set @ chunk-D42R3GGE.js:1
navigate @ UserInterface.js:616
(anonymous) @ UserInterface.js:607
hashchange (async)
navigate @ UserInterface.js:614
firstUpdated @ UserInterface.js:614
_$AE @ chunk-D42R3GGE.js:1
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
_$Ev @ chunk-D42R3GGE.js:1
f @ chunk-D42R3GGE.js:1
C @ chunk-D42R3GGE.js:3
N @ chunk-3LACX4IT.js:514
Le @ UserInterface.js:607
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
_$Ev @ chunk-D42R3GGE.js:1
f @ chunk-D42R3GGE.js:1
C @ chunk-D42R3GGE.js:3
N @ chunk-3LACX4IT.js:514
Y @ UserInterface.js:13571
u @ chunk-D42R3GGE.js:3
$ @ chunk-D42R3GGE.js:3
_$AI @ chunk-D42R3GGE.js:3
Ct @ chunk-D42R3GGE.js:3
update @ chunk-D42R3GGE.js:3
performUpdate @ chunk-D42R3GGE.js:1
scheduleUpdate @ chunk-D42R3GGE.js:1
_$ET @ chunk-D42R3GGE.js:1
await in _$ET (async)
requestUpdate @ chunk-D42R3GGE.js:1
set @ chunk-D42R3GGE.js:1
getTheme @ UserInterface.js:1
await in getTheme (async)
_initTheme @ chunk-3LACX4IT.js:514
setInitialStyles @ chunk-3LACX4IT.js:514
createRenderRoot @ chunk-3LACX4IT.js:514
connectedCallback @ chunk-D42R3GGE.js:1
connectedCallback @ chunk-D42R3GGE.js:3
connectedCallback @ UserInterface.js:13693
(anonymous) @ chunk-3LACX4IT.js:514
k @ chunk-HR6QD6D5.js:1
(anonymous) @ UserInterface.js:13700
config.ts:89 authentik(early): version 2024.4.0, apiBase https://identity.my.domain/api/v3
config.ts:89 authentik(early): version 2024.4.0, apiBase https://identity.my.domain/api/v3
Navigated to https://identity.my.domain/if/flow/default-authentication-flow/?next=%2Fif%2Fuser%2F
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/root/config/
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/core/brands/current/
ws.ts:29 authentik/ws: connected to wss://identity.my.domain/ws/client/
ak-locale-context.ts:81 Setting Locale to ... German (de)
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/root/config/
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/core/brands/current/
middleware.ts:34 authentik/api[my.domain]: 200 GET https://identity.my.domain/api/v3/flows/executor/default-authentication-flow/?query=next%3D%252Fif%252Fuser%252F
CaptchaStage.ts:57 authentik/stages/captcha: script loaded
CaptchaStage.ts:63 authentik/stages/captcha[handleGReCaptcha]: trying handler
CaptchaStage.ts:63 authentik/stages/captcha[handleHCaptcha]: trying handler
CaptchaStage.ts:66 authentik/stages/captcha[handleHCaptcha]: handler succeeded
CaptchaStage.ts:63 authentik/stages/captcha[handleTurnstile]: trying handler
Entering an infinite login loop:
INF | action=system_exception auth_via=unauthenticated client_ip=xxxxxxxxxxxxxxxxxxxxxxxxxxxxx context={"asn":{"as_org":"KPN B.V.","asn":1136,"network":"2a02:a456::/32"},"geo":{"city":"","continent":"EU","country":"NL","lat":52.,"long":4.},"http_request":{"args":{},"method":"GET","path":"/api/v3/core/users/10/","user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:125.0) Gecko/20100101 Firefox/125.0"},"message":"Traceback (most recent call last):\n File "/ak-root/venv/lib/python3.12/site-packages/asgiref/sync.py", line 534, in thread_handler\n raise exc_info[1]\n File "/ak-root/venv/lib/python3.12/site-packages/django/core/handlers/base.py", line 253, in _get_response_async\n response = await wrapped_callback(\n ^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/asgiref/sync.py", line 479, in call\n ret: _R = await loop.run_in_executor(\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/asgiref/current_thread_executor.py", line 40, in run\n result = self.fn(*self.args, **self.kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/asgiref/sync.py", line 538, in thread_handler\n return func(*args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/integrations/django/views.py", line 84, in sentry_wrapped_callback\n return callback(request, *args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/django/views/decorators/csrf.py", line 65, in _view_wrapper\n return view_func(request, *args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/rest_framework/viewsets.py", line 125, in view\n return self.dispatch(request, *args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/rest_framework/views.py", line 509, in dispatch\n response = self.handle_exception(exc)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/rest_framework/views.py", line 469, in handle_exception\n self.raise_uncaught_exception(exc)\n File "/ak-root/venv/lib/python3.12/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception\n raise exc\n File "/ak-root/venv/lib/python3.12/site-packages/rest_framework/views.py", line 506, in dispatch\n response = handler(request, *args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/rest_framework/mixins.py", line 54, in retrieve\n instance = self.get_object()\n ^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/rest_framework/generics.py", line 83, in get_object\n queryset = self.filter_queryset(self.get_queryset())\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/ak-root/venv/lib/python3.12/site-packages/rest_framework/generics.py", line 150, in filter_queryset\n queryset = backend().filter_queryset(self.request, queryset, self)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/authentik/rbac/filters.py", line 28, in filter_queryset\n if request.user.type == UserTypes.INTERNAL_SERVICE_ACCOUNT:\n ^^^^^^^^^^^^^^^^^\nbuiltins.AttributeError: 'AnonymousUser' object has no attribute 'type'"} domain_url=auth.xxxxx.nl event=Created Event host=auth.xxxx.nl logger=authentik.events.models pid=46 request_id=c47bb557fd4b4b8880f330ed6e1acf8a schema_name=public timestamp=2024-04-27T07:00:00.192737 user={"email":"","is_anonymous":true,"pk":1,"username":"AnonymousUser"}
And this:
warning | domain_url=null event=Task failure exc=OperationalError('deadlock detected\nDETAIL: Process 3744 waits for ShareLock on transaction 8427503; blocked by process 3741.\nProcess 3741 waits for ShareLock on transaction 8427521; blocked by process 3744.\nHINT: See server log for query details.\nCONTEXT: while locking tuple (5,1) in relation "authentik_stages_authenticator_webauthn_webauthndevicetype"') logger=authentik.root.celery pid=47 schema_name=public task_id=task-72d94e8eaaa04f839a9e7f0d6d539c61 timestamp=2024-04-27T07:18:42.368168
ERR | event=Task authentik.stages.authenticator_webauthn.tasks.webauthn_aaguid_import[72d94e8e-aaa0-4f83-9a9e-7f0d6d539c61] raised unexpected: OperationalError('deadlock detected\nDETAIL: Process 3744 waits for ShareLock on transaction 8427503; blocked by process 3741.\nProcess 3741 waits for ShareLock on transaction 8427521; blocked by process 3744.\nHINT: See server log for query details.\nCONTEXT: while locking tuple (5,1) in relation "authentik_stages_authenticator_webauthn_webauthndevicetype"') exception=[{"exc_type":"OperationalError","exc_value":"deadlock detected\nDETAIL: Process 3744 waits for ShareLock on transaction 8427503; blocked by process 3741.\nProcess 3741 waits for ShareLock on transaction 8427521; blocked by process 3744.\nHINT: See server log for query details.\nCONTEXT: while locking tuple (5,1) in relation "authentik_stages_authenticator_webauthn_webauthndevicetype"","frames":[{"filename":"/ak-root/venv/lib/python3.12/site-packages/celery/app/trace.py","line":"","lineno":453,"locals":{},"name":"trace_task"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/integrations/celery.py","line":"","lineno":325,"locals":{},"name":"_inner"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/_compat.py","line":"","lineno":127,"locals":{},"name":"reraise"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/integrations/celery.py","line":"","lineno":320,"locals":{},"name":"_inner"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/celery/app/trace.py","line":"","lineno":736,"locals":{},"name":"protected_call"},{"filename":"/authentik/stages/authenticator_webauthn/tasks.py","line":"","lineno":66,"locals":{},"name":"webauthn_aaguid_import"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/models/manager.py","line":"","lineno":87,"locals":{},"name":"manager_method"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/models/query.py","line":"","lineno":986,"locals":{},"name":"update_or_create"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/models/query.py","line":"","lineno":948,"locals":{},"name":"get_or_create"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/models/query.py","line":"","lineno":645,"locals":{},"name":"get"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/models/query.py","line":"","lineno":382,"locals":{},"name":"len"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/models/query.py","line":"","lineno":1928,"locals":{},"name":"_fetch_all"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/models/query.py","line":"","lineno":91,"locals":{},"name":"iter"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/models/sql/compiler.py","line":"","lineno":1562,"locals":{},"name":"execute_sql"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/integrations/django/init.py","line":"","lineno":644,"locals":{},"name":"execute"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/backends/utils.py","line":"","lineno":79,"locals":{},"name":"execute"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/backends/utils.py","line":"","lineno":92,"locals":{},"name":"_execute_with_wrappers"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/backends/utils.py","line":"","lineno":100,"locals":{},"name":"_execute"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/utils.py","line":"","lineno":91,"locals":{},"name":"exit"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/backends/utils.py","line":"","lineno":105,"locals":{},"name":"_execute"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django_prometheus/db/common.py","line":"","lineno":69,"locals":{},"name":"execute"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/psycopg/cursor.py","line":"","lineno":732,"locals":{},"name":"execute"}],"is_cause":false,"syntax_error":null},{"exc_type":"DeadlockDetected","exc_value":"deadlock detected\nDETAIL: Process 3744 waits for ShareLock on transaction 8427503; blocked by process 3741.\nProcess 3741 waits for ShareLock on transaction 8427521; blocked by process 3744.\nHINT: See server log for query details.\nCONTEXT: while locking tuple (5,1) in relation "authentik_stages_authenticator_webauthn_webauthndevicetype"","frames":[{"filename":"/ak-root/venv/lib/python3.12/site-packages/django/db/backends/utils.py","line":"","lineno":105,"locals":{"ignored_wrapper_args":""(False, {'connection': <DatabaseWrapper vendor='postgresql' alias='default'>, 'c"+75","params":"(UUID('39a5647e-1853-446c-a1f6-a79bae9f5bc7'),)","self":"<django.db.backends.utils.CursorWrapper object at 0x7f600f7f8c50>","sql":"'SELECT "authentik_stages_authenticator_webauthn_webauthndevicetype"."aaguid", "a'+308"},"name":"_execute"},{"filename":"/ak-root/venv/lib/python3.12/site-packages/django_prometheus/db/common.py","line":"","lineno":69,"locals":{"class":""<class 'django_prometheus.db.common.ExportingCursorWrapper.
Samething The issue appeared after the migration from 2024.2.3 to 2024.4.0. I updated to 2024.4.1 but the issue is still present.
Repro steps:
- Update Authentik
- I call up Authentik and I get to
if/flow/default-authentication-flow - Log in to Authentik
- User interface does not load
- Admin dashboard does not load (Several errors 403 in console of the web browser)
or sometimes when I go to the Admin dashboard, I am automatically redirected to the login page.
I point out that Authentik is deployed in a Docker container and it is behing a reverse proxy (Nginx proxy manager).
Log:
INF auth_via=unauthenticated domain_url=0.0.0.0 event=/-/health/live/ host=0.0.0.0:9000 logger=authentik.asgi method=HEAD pid=37434 remote=127.0.0.1 request_id=178489a5ede94fbf920375565767e49a runtime=22 schema_name=public scheme=http status=204 timestamp=2024-04-27T16:00:59.208815 user= user_agent=goauthentik.io/healthcheck
INF domain_url=null event=/ws/client/ logger=authentik.asgi pid=37434 remote=XXX.XXX.XXX.XXX schema_name=public scheme=ws timestamp=2024-04-27T16:01:21.279727 user_agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
@AurelienGoor I guess there might be way more people with this issue then! exactly same problem. Decided to deploy another environment with the 2024.4.1 version and it works. So the upgrade messed up with something and I spent hours but couldnt find the root cause yet.
OK, I managed to solve this issue.
I saw some other issues that were reported the table authentik_install_id had 2 ids and checked that mine had too. Checked which value was reported through the API: /api/v3/enterprise/license/get_install_id/ and deleted the other one.
Restarted everything and got it working again.
Celebrated too early. Its definitely better since I can keep logged in for a little more time. Also upgraded to beta branch... will wait for the devs to say something. This is really messed up.
I can confirm this. After stopping the Redis container, I was able to access authentik again.
Thanks for your effort @wgentine Hopefully there will be a reasonable fix soon 😃
@FutureFlySpace I hope so... Now it intrigues me what's going on... and why is redis needed anyways because I see no loss of performance but redis must be running for the other containers to start, then you kill it.
Thanks for the workaround.
I tried to delete the redis database and to restart the redis and other containers, but the issue occurs again...
Don't restart the container. Start everything then stop Redis and let it stopped.
In the meanwhile, even better workaround: set the parameter AUTHENTIK_SESSION_STORAGE=db Then you dont have to stop redis.
I don't know how or why, but it's working for me again now. I haven't had the stack running for about 2 weeks. Started and upgraded it today. So far I have no more problems. Very strange
Well nevermind, now it's not working again and I'm stuck in a login loop. No errors in the browser console. A restart helped.
Same issue here.
AUTHENTIK_SESSION_STORAGE=db works for me but my dashboard shows:
No workers connected. Background tasks will not run.
Forget password are not send.
Commenting AUTHENTIK_SESSION_STORAGE then stopping the redis does not show the error and allows to send forget password emails.
Edit:
My installation: docker-compose + traefik
I can sometimes connect with redis configured but 3 refreshes with CTRL+R always sends me to the login page.
I started redis with -loglevel verbose and I can see redis activity, no error anywhere.
I made some tests with AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS and traefik trustedIps, no effect.
Edit2:
It might related to redis offloading data to file, so far changing the command from --save 300 to --save "" works much longer. I will report again when it fails.
After a few weeks of Authentik running, it crashed today. When I restarted the stack, I got the following message from Redis:
authentik-redis | 1:C 04 Jun 2024 07:23:48.965 # WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. Being disabled, it can also cause failures without low memory condition, see https://github.com/jemalloc/jemalloc/issues/1328. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
Perhaps someone can say something about this?
I was experiencing symptoms (constant reset / never-ending login loops, failed-to-fetch resources on the rare occasion I managed to get past the login screen, etc) similar to those described here on a completely clean fresh install of Authentik 2024.4.2. Issues persisted despite shutting down and recreating containers, rebooting the entire docker server. At some point during troubleshooting I shut down the only other app I had running in docker at the time -- Immich. All of the issues with Authentik being unstable/unusable immediately went away. Immich also uses Postgres and Redis with the same tcp ports but it has unique container names so they shouldn't be conflicting with each other. Somehow in my case they seem to be, though. I haven't delved into troubleshooting too much more deeply yet but I'm curious if anyone else here is also running Immich alongside Authentik and if shutting Immich down temporarily resolves your issues as well.
@kenneth-ellis That way seems to work for me. I'm not sure why changing the command was working for nearly a month. Just rename all the redis name to authentik-redis works for me. I'm pretty sure I tried this without success before.
@FutureFlySpace All my redis instances have this log. My other servers do not have a problem.
Since nothing seems to be happening in this issue anyway and the problem has somehow solved itself for me, I will close the issue. Thanks anyway for the help