Auth is broken when running web server with uwsgi

Open mbonino opened this issue 3 years ago • 2 comments

Before opening an issue, please do a quick search through the current issues and the mailing list (https://groups.google.com/forum/#!forum/yeti-users) to see if it hasn't been answered already.

Description

I'm testing release 1.8.0 in Docker before upgrading a production instance. Running the webserver with uwsgi is paramount.

Everything seems to be working fine when the default user yeti is the only user. After creating another admin user the UI is completely useless.

Login fails most of the time. When login finally succeeds, clicking on the menus brings you back to the login page.

Maybe unrelated, all API calls from the UI are refused with 401 Unauthorized. Screenshots below.

[Screenshots: Screenshot 2021-08-06 at 10 00 41, Screenshot 2021-08-06 at 09 58 40, Screenshot 2021-08-06 at 09 58 55, Screenshot 2021-08-06 at 10 03 32]

Environment

| Question | Answer |
| --- | --- |
| Git commit | e0b37d21e6673a4ec9467710f7384ac0e8a26f5a |
| OS version | Docker image based on ubuntu:20.04 |
| Browser | Chrome 92.0.4515.107, Safari 14.1.2 (16611.3.10.1.3) |

Steps to Reproduce

  1. git clone --branch 1.8.0 https://github.com/yeti-platform/yeti.git
  2. cd yeti
  3. docker-compose -p yeti -f extras/docker/dev/docker-compose.yaml run -p 8080:8080 yeti /docker-entrypoint.sh uwsgi-http
  4. open http://localhost:8080/
  5. create an admin user
  6. login as the new user
  7. click on the menus
  8. check the HTTP request and response codes. You should see some 401 Unauthorized before the Yeti kicks you out.
  9. go back to 6

Expected behavior

Users other than the default one should be able to use the UI. The session cookie should authorize API calls.

Actual behavior

Login fails often. When finally in, navigating the menus brings you back to the login page. API calls from the UI always fail.

mbonino, Aug 06 '21 08:08

It's very strange because we don't modify the process of auth. And in my instance on docker, I don't have this issue. Can you test with another browser?

sebdraven, Aug 06 '21 13:08

I believe the issue is caused by this assignment.

I changed it to: webapp.secret_key = b'A_fixed_pregenerated_random_value' and I don't have login issues anymore.

mbonino, Aug 10 '21 09:08
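
Added example, not part of the thread or of Yeti's code: the assignment linked in the last comment is not visible on this page, so the sketch assumes it drew a fresh random key in each process, which under uwsgi gives every worker a different session-signing key. `sign` and `verify` are a simplified HMAC stand-in for Flask's session signing, and `load_shared_key` with its key-file path is a hypothetical helper; the block counts how many requests are rejected in each setup.

```python
import hashlib
import hmac
import os
import secrets
import tempfile

def sign(key: bytes, payload: bytes) -> bytes:
    # Simplified stand-in for Flask's signed session cookie: payload.hexmac
    mac = hmac.new(key, payload, hashlib.sha256).hexdigest().encode()
    return payload + b"." + mac

def verify(key: bytes, cookie: bytes) -> bool:
    payload, _, mac = cookie.rpartition(b".")
    good = hmac.new(key, payload, hashlib.sha256).hexdigest().encode()
    return hmac.compare_digest(mac, good)

def per_worker_key() -> bytes:
    # Assumed "before" behaviour: each worker process draws its own key.
    return os.urandom(32)

def load_shared_key(path: str) -> bytes:
    # Hypothetical helper: create the key once, atomically, owner-readable only.
    if not os.path.exists(path):
        tmp = f"{path}.{os.getpid()}.tmp"
        fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as fh:
            fh.write(secrets.token_bytes(32))
        try:
            os.link(tmp, path)  # fails if another worker created it first
        except FileExistsError:
            pass
        finally:
            os.unlink(tmp)
    with open(path, "rb") as fh:
        return fh.read()

def rejected_requests(worker_keys, requests=20) -> int:
    # Log in on worker 0, then spread requests round-robin over all workers.
    cookie = sign(worker_keys[0], b"user=second_admin")  # constructed payload
    return sum(not verify(worker_keys[i % len(worker_keys)], cookie)
               for i in range(requests))

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "secret_key")
    broken = [per_worker_key() for _ in range(4)]
    shared = [load_shared_key(path) for _ in range(4)]
    print("per-worker keys:", rejected_requests(broken), "of 20 rejected")
    print("shared key file:", rejected_requests(shared), "of 20 rejected")
```

Reading the key from a file or environment variable provisioned at deploy time keeps it identical across workers and restarts without committing a secret to the source tree.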