
Comments (17)

xme commented on May 25, 2024

Ok, thanks for the info but the popups are displayed immediately after I successfully authenticated!?

from watcher.

Felix83000 commented on May 25, 2024

Authentication popup errors are displayed only if your authentication Knox token is expired.

"DRF tokens track their creation time, but have no inbuilt mechanism for tokens expiring. Knox tokens can have an expiry configured in the app settings (default is 10 hours.)" from here.

If that's the case, you must log out / log in again.

Regards,

from watcher.

xme commented on May 25, 2024

Based on logs, it seems that access to the "API" is the cause of those popups:

watcher | [22/Oct/2020 19:23:56] "GET /api/data_leak/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:23:56] "GET /static/css/fonts/MaterialIcons-Regular.woff2 HTTP/1.1" 304 0
watcher | 2020-10-22 19:24:00.002487 - CRON TASK : Suspicious Website Monitoring
watcher | [22/Oct/2020 19:24:03] "POST /api/auth/logout/ HTTP/1.1" 204 0
watcher | [22/Oct/2020 19:24:11] "POST /api/auth/login HTTP/1.1" 200 164
watcher | [22/Oct/2020 19:24:11] "GET /api/data_leak/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:11] "GET /api/data_leak/keyword/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:20] "GET /api/dns_finder/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:20] "GET /api/site_monitoring/site/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:20] "GET /api/dns_finder/dns_monitored/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:31] "GET /api/site_monitoring/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:31] "GET /api/site_monitoring/site/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:34] "GET /api/data_leak/alert/ HTTP/1.1" 401 58
watcher | [22/Oct/2020 19:24:34] "GET /api/data_leak/keyword/ HTTP/1.1" 401 58

Also, I don't see any data on the dashboard (but they are present in the /admin part of the app).

from watcher.

Felix83000 commented on May 25, 2024

Have you tried to connect with your admin account created via the "createsuperuser" command line?

from watcher.

xme commented on May 25, 2024

Yes, exactly the same behavior!
[Edited]
And I see the Knox token in the admin interface (created, not expired, ...) looks fine.

from watcher.

Felix83000 commented on May 25, 2024

Okay I will investigate further tomorrow.

from watcher.

xme commented on May 25, 2024

Tx! I left the session open... and indeed after x hours, it says "Invalid token" and I've to reauthenticate.

from watcher.

Felix83000 commented on May 25, 2024

So is this working? Can you browse the web interface tabs and see the data?

from watcher.

xme commented on May 25, 2024

No, I authenticate myself in the web interface, then I immediately see popups (cf. my 1st screenshot) and I can't see any data.
In the docker logs, I see 401 errors when trying to access URLs starting with /api/... (cf. logs above)

from watcher.

xme commented on May 25, 2024

This is what I have when I try to access a page:

watcher          | Unauthorized: /api/site_monitoring/site/
watcher          | [23/Oct/2020 10:43:48] "GET /api/site_monitoring/site/ HTTP/1.1" 401 58
watcher          | Unauthorized: /api/site_monitoring/alert/
watcher          | [23/Oct/2020 10:43:48] "GET /api/site_monitoring/alert/ HTTP/1.1" 401 58

+ the popups in the browser...

from watcher.

Felix83000 commented on May 25, 2024

I really don't know why this happens. Try to create another user.
And if this issue persists, try to recreate your database and superuser via the documentation.

When doing docker-compose up, do not forget to wait until you see:

watcher | db_watcher is up, starting Watcher.
watcher | Performing system checks...
watcher |
watcher | System check identified no issues (0 silenced).
watcher |
watcher | You have 66 unapplied migration(s). Your project may not work properly until you apply the migrations for app(s): admin, auth, contenttypes, data_leak, dns_finder, knox, sessions, site_monitoring, threats_watcher.
watcher | Run 'python manage.py migrate' to apply them.
watcher | October 23, 2020 - 13:09:40
watcher | Django version 3.1.1, using settings 'watcher.settings'
watcher | Starting development server at http://0.0.0.0:9002/
watcher | Quit the server with CONTROL-C.

from watcher.

xme commented on May 25, 2024

Recreated a new environment on a spare Docker instance... Same results :( I carefully followed the documentation... Any tip to dive into the code to try to find where those "Unauthorized: /api/site_monitoring/alert/" are generated?

What I did:
Connect to /admin with root account, create another account
Connect to the interface with new account and add some keywords (already, I see the popups)
Connect to /admin with new account, I see my keywords
Connect back to the interface with new account, I can't see the keywords anymore and more popups...
I'm lost! :(

[Edited]
What I see for the 1st access to the API:

Unauthorized: /api/auth/user
[23/Oct/2020 17:08:43] "GET /api/auth/user HTTP/1.1" 401 58

from watcher.

xme commented on May 25, 2024

Ok, I found more interesting info...
Have a look at the screenshot: The 1st HTTP request gets back a 301...
When the 2nd HTTP request is performed, the 'Authentication' header is NOT passed to the server!?
Screenshot 2020-10-23 at 20 49 28

[Edited]
I understand that the header is dropped for security reasons but... why do I see a lot of redirects (URL without trailing '/' being redirected to URL with a trailing '/')?

from watcher.

Felix83000 commented on May 25, 2024

Ok, I see why the redirection happens... I will modify https://github.com/Felix83000/Watcher/blob/master/Watcher/Watcher/frontend/src/actions/SiteMonitoring.js by adding "/" and I'll come back to you.

Thx

from watcher.
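
A triage sketch for the symptom diagnosed above, as an added example that is not part of the thread or of Watcher's code: it scans access-log lines in the format quoted earlier and separates 401s that directly follow a 301 trailing-slash redirect from other 401s. The sample lines are constructed (the thread's pasted logs do not include the 301 entries), and the function names and the `window` parameter are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in the Django development-server format quoted in the thread.
SAMPLE = '''\
watcher | [23/Oct/2020 17:08:40] "POST /api/auth/login HTTP/1.1" 200 164
watcher | [23/Oct/2020 17:08:43] "GET /api/site_monitoring/site HTTP/1.1" 301 0
watcher | Unauthorized: /api/site_monitoring/site/
watcher | [23/Oct/2020 17:08:43] "GET /api/site_monitoring/site/ HTTP/1.1" 401 58
watcher | [23/Oct/2020 17:08:44] "GET /api/data_leak/alert/ HTTP/1.1" 200 512
watcher | [24/Oct/2020 04:10:02] "GET /api/data_leak/alert/ HTTP/1.1" 401 58
'''

LINE = re.compile(
    r'\[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3}) '
)

def parse(log_text):
    """Yield (timestamp, method, path, status) for each access-log line."""
    for line in log_text.splitlines():
        m = LINE.search(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y %H:%M:%S")
            path = m["path"].split("?", 1)[0]  # ignore any query string
            yield ts, m["method"], path, int(m["status"])

def classify_401s(log_text, window=timedelta(seconds=5)):
    """Label each 401 'after-slash-redirect' when the same path without its
    trailing slash received a 301 within `window`, otherwise 'other'."""
    redirects = {}  # slash-appended target path -> time of the 301
    findings = []
    for ts, method, path, status in parse(log_text):
        if status == 301 and not path.endswith("/"):
            redirects[path + "/"] = ts
        elif status == 401:
            seen = redirects.get(path)
            hit = seen is not None and ts - seen <= window
            findings.append((path, "after-slash-redirect" if hit else "other"))
    return findings

if __name__ == "__main__":
    for path, label in classify_401s(SAMPLE):
        print(f"{label:22} {path}")
```

A 401 labelled `after-slash-redirect` points at a frontend request URL missing its trailing slash; one labelled `other` long after login is consistent with the Knox token expiry mentioned earlier in the thread.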

Felix83000 commented on May 25, 2024

I made the modification (34840fb).

Could you try it and come back to me?

Thx

from watcher.

Felix83000 commented on May 25, 2024

Update procedure: https://felix83000.github.io/Watcher/README.html#update-watcher

from watcher.

xme commented on May 25, 2024

Upgraded and it's much better! Thanks for your help!

from watcher.
