Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

bug: api keys authentication does not work #1511

Closed
Meierschlumpf opened this issue Nov 20, 2024 · 0 comments · Fixed by #1512
Closed

bug: api keys authentication does not work #1511

Meierschlumpf opened this issue Nov 20, 2024 · 0 comments · Fixed by #1512
Assignees
@Meierschlumpf
Labels
bug Something isn't working
Milestone
1.0.0-beta

Comments

@Meierschlumpf
Copy link
Member

Provide environment information

System:
- OS: Windows 11 10.0.22631
- CPU: (20) x64 12th Gen Intel(R) Core(TM) i7-12700H
- Memory: 5.45 GB / 31.73 GB
Binaries:
- Node: 22.11.0 - C:\Program Files\nodejs\node.EXE
- Yarn: 1.22.22 - ~\AppData\Local\pnpm\yarn.CMD
- npm: 10.9.0 - C:\Program Files\nodejs\npm.CMD
- pnpm: 9.13.2 - C:\Program Files\nodejs\pnpm.CMD

Describe the bug

When checking the api key and creating a session it does not work as it compares the unhashed with hashed key.

image

const apiKeyFromDb = await db.query.apiKeys.findFirst({
    where: eq(apiKeys.apiKey, apiKeyHeaderValue),
    columns: {
      id: true,
      apiKey: false,
      salt: false,
    },
    with: {
      user: {
        columns: {
          id: true,
          name: true,
          email: true,
          emailVerified: true,
        },
      },
    },
});

Link to reproduction

http://localhost:3000/manage/tools/api

To reproduce

  1. Go to http://localhost:3000/manage/tools/api
  2. Create a api key
  3. Use the api key to get all users
  4. It fails with unauthorized

Additional information

No response
@Meierschlumpf Meierschlumpf added the bug Something isn't working label Nov 20, 2024
@Meierschlumpf Meierschlumpf added this to the 1.0.0-beta milestone Nov 20, 2024
@Meierschlumpf Meierschlumpf self-assigned this Nov 20, 2024
Meierschlumpf added a commit that referenced this issue Nov 20, 2024
@Meierschlumpf
fix: api keys authentication does not work #1511
4ffb40f
@Meierschlumpf Meierschlumpf mentioned this issue Nov 20, 2024
Merged
4 tasks
Meierschlumpf added a commit that referenced this issue Nov 20, 2024
@Meierschlumpf
fix: api keys authentication does not work #1511 (#1512)
72eda1f 
* fix: api keys authentication does not work #1511

* chore: add ip and user-agent to logs of unauthenticated api-keys
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@Meierschlumpf Meierschlumpf

Labels
bug Something isn't working
Projects
None yet
Milestone
1.0.0-beta
Development

Successfully merging a pull request may close this issue.

fix: api keys authentication does not work #1511 homarr-labs/homarr
1 participant
@Meierschlumpf