Stuck on /admin/signin
This may be a non-issue, I found running npm start is when this is produced, but it behaves normalled with Keystone is run with npm run dev
If the correct credentials are entered, I expect to be directed to the Admin UI dashboard.
There are different responses offered by Firefox and Chrome:
I went away for a week and hadn't updated anything.
Now I have updated from 8.0.0 to 8.1.4. Same outcome.
node v12.11.0
npm 6.11.3
This sounds like the issue with secure cookies: https://www.keystonejs.com/keystonejs/keystone/#secure
Relevant writeup: https://gist.github.com/molomby/6fa22c165e0025f0f83d55195f3c6e37
I think you have not configured root index.js file well. This could be misconfigured issue.
apps: [
new GraphQLApp(),
new AdminUIApp({
adminPath: AppConfig.adminPath,
authStrategy,
isAccessAllowed: auth => (Boolean(true)),
}),
new NextApp({ dir: 'app' }),
]
Try to use isAccessAllowed: auth => (Boolean(true)), in your AdminUIApp, or define access-control method for isAccessAllowed by yourself.
isAccessAllowed already defaults to () => true if not provided.
Yeah this sounds a lot like the secure cookie problem. It's "by design" in the sense that it's trying to be secure by default but gives no warnings and doesn't really surface whats going on. This catches a lot of devs out.
It plays out like this:
start command is intended to be used in a production environment. As such, in the demo projects, it sets the NODE_ENV environment var to production.NODE_ENV === 'production' Keystone enables secure cookies by default. This is the by design/secure by default bit.Right now the simplest workaround is probably to add a new environment var to your app to specifically control the secureCookies Keystone config. Something like...
const keystone = new Keystone({
name: 'Save Walter White',
adapter: new KnexAdapter(adapterConfig),
secureCookies: process.env.INSECURE_COOKIES ? false : undefined,
});
Then, if you want to start the site in "production" mode, you can run...
INSECURE_COOKIES=true yarn start
Note the var is in the negative here (INSECURE_COOKIES not SECURE_COOKIES) because env vars like this come though as Strings. This makes passing a negative value difficult, eg. SECURE_COOKIES=false comes though as the String 'false' which is true. Thanks JavaScript.
IMPORTANT NOTE -- The above code works on the current @keystonejs/[email protected] release of Keystone but _will not work_ on the current master branch or future version due to breaking changes to the cookie config option. For future releases, the code would be...
const keystone = new Keystone({
name: 'Save Walter White',
adapter: new KnexAdapter(adapterConfig),
// Note slight change here:
cookie: { secure: process.env.INSECURE_COOKIES ? false : undefined },
});
As @Vultraz mentioned, a related issue rears its head in production if you have a reverse proxy. It's not difficult to fix (a few lines of config) but has be very difficult to troubleshoot for a lot of people. We're still working on smoothing off some of these sharp edges.
This sounds like the issue with secure cookies: https://www.keystonejs.com/keystonejs/keystone/#secure
Relevant writeup: https://gist.github.com/molomby/6fa22c165e0025f0f83d55195f3c6e37
I had the same problem when trying to run it behind nginx for production. And this successfully solved it for me.
Most helpful comment
Yeah this sounds a lot like the secure cookie problem. It's "by design" in the sense that it's trying to be secure by default but gives no warnings and doesn't really surface whats going on. This catches a lot of devs out.
It plays out like this:
startcommand is intended to be used in a production environment. As such, in the demo projects, it sets theNODE_ENVenvironment var toproduction.NODE_ENV === 'production'Keystone enables secure cookies by default. This is the by design/secure by default bit.Right now the simplest workaround is probably to add a new environment var to your app to specifically control the
secureCookiesKeystone config. Something like...Then, if you want to start the site in "production" mode, you can run...
Note the var is in the negative here (
INSECURE_COOKIESnotSECURE_COOKIES) because env vars like this come though as Strings. This makes passing a negative value difficult, eg.SECURE_COOKIES=falsecomes though as the String'false'which istrue. Thanks JavaScript.IMPORTANT NOTE -- The above code works on the current
@keystonejs/[email protected]release of Keystone but _will not work_ on the currentmasterbranch or future version due to breaking changes to the cookie config option. For future releases, the code would be...As @Vultraz mentioned, a related issue rears its head in production if you have a reverse proxy. It's not difficult to fix (a few lines of config) but has be very difficult to troubleshoot for a lot of people. We're still working on smoothing off some of these sharp edges.