[bug] Backend broken

[alanmilinovic]

Description of the bug

On one of the last commits, backend in admin section is broken. All connections are gone, you can only view/edit labels.

Step by step instructions to reproduce the bug

Login to admin site.

Can you replicate that error from the demo?

No as I have no access to admin site on DEMO.

Observed behavior

config.json file is looking fine though.

Expected behavior

I should see all details for connections and should be able to edit them.

[mickael-kerjean]

I'm not sure what you mean, can you send a screenshot of the problem you are facing?

[alanmilinovic]

[mickael-kerjean]

There's been some change in this part indeed. The old behaviour can still be obtained by editing the connections key of the config.json manually and putting the value you want as default in there but the new preferred way of achieving what was in there is to use authentication middleware, the passthough or htpasswd will give more flexbility on that perspective that was previously available.

The problem with the old UX is that it was both confusing and would enable users to do terribly insecure things. The original intent of this feature was mostly cosmetic, making it possible to create login page that only shows a username and password fields but it got perverted in a way I didn't see initially with people pushing their password in there which is a terrible idea as the data in there is push back to the frontend, essentially exposing that data on the internet ....

That revamp essentially removed the footgun while keeping a way to get the original behaviour by:

1. editing the config.json file manually to get the same behaviour as before
2. using an authentication middleware, I've push by default the passthrough, htpasswd and admin authentication middleware which give more flexbility over those case than previously available

If your use case is different and isn't covered by the new UX, please share it here and I'll make sure it work as well.

[guillaumelamirand]

Hi, I have the related issue. After upgrading I cannot access my backend anymore, without anychange I got a 500 time out error and after updating the settings using the middleware stuff I got 401.

[zentale]

Similar for me. I am having a minio backend, which I do not store the credentials for on filestash. After upgrade, I followed the guidance on the ui, to use passthrough mode with username_and_password strategy. Then set access key to {{ .user }}, and secret to {{ .password }}. This gives me backend error - Not Allowed when logging in through the form.

If I hardcode the same values which I give on the form to the attribute mapping, it works.

[alanmilinovic]

Let's hope that Mickael will fix it in the future.

[Haarolean]

I have the same problem. I recently installed filestash (and I really like it, well, liked it, while it had been working fine). A few days passed without me touching it and now I observe the auth request (I had S3 + passthrough). On the admin page, I see this: All S3 settings are gone, also the "passthrough" middleware is greyed out like I never added it.

[mickael-kerjean]

I can't replicate this issue and without having a way to replicate it, there's not much I can do. If someone can post a config.json which shows the issue, we'd get closer to providing a solution for this

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[ibuys]

Sorry to bring up an old issue again, but how can I use config.json to automatically set the hostname and hide that field from the login page?

I've tried using passthrough middleware, and it does let me set the hostname in the admin panel and hide it from the login page, but the login itself does not work, I keep getting an "oops" page. Setting up the config.json file would work better for me, but I'm happy to work with either.