Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Trouble with tokens - reverse proxy

See original GitHub issue

I have a bit of a strange issue that I’ve noticed with auth, reverse proxy, and tokens.

I have my HA notification using the following URLs for both preview and image links, just like the documentation. https://double-take.mydomain.com/api/storage/matches/{{trigger.to_state.attributes.match.filename}}?box=true&token={{trigger.to_state.attributes.token}}

The preview image will show up in the notification, but clicking the link leads to an error page displaying {"error":"Unauthorized"}

Loading the UI, finding the same image, and comparing the links show the last part of the token is different.

For instance, the URL for the image I get from the notification would have something like: ...token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb3V0ZSI6InN0b3JhZ2UiLCJpYXQiOjE2Mjk4MzE0MTgsImV4cCI6MTYyOTgzNTAxOH0.huZHokRVXgSyfYGdYULEDtntf-Hvt1BHgg7JUdZDw64 and the URL for the image I get from the double-take UI would have something like: ...token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb3V0ZSI6InN0b3JhZ2UiLCJpYXQiOjE2Mjk4NDk0ODcsImV4cCI6MTYyOTg1MzA4N30.77ji-R4ILNos6ooQ7EpWqheliN-5hI9MnuNKKLdwPDc

It seems weird that the image will show fine in the notification preview, but not actually load when tapping on the image link.

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
D34DC3N73Rcommented, Sep 2, 2021

Thanks, that did the trick!

0reactions
jakowenkocommented, Aug 30, 2021

Hey @D34DC3N73R, I pushed a new beta build with the ability to adjust this. I’m defaulting it to 24h currently, but can be adjusted by adding this to your config. The value is expressed in seconds or a string describing a time span zeit/ms. Let me know if this resolves your issue.

token:
  image: 24h
Read more comments on GitHub >

github_iconTop Results From Across the Web

Issue in the Token Generation using a Reverse Proxy Server ...
Solved: Hello, The environment is ArcGIS Enterprise 10.7.1 federated and distributed in 3 servers in Windows Server (Portal, ...
Read more >
How to protect token for reverse proxy server - Stack Overflow
I know what is reverse proxy and how it works. I just want to know what if the hacker tries to get access...
Read more >
CSRF token broken when behind reverse proxy #736 - GitHub
Trying to use osTicket (v1.8.1-dpr) behind a reverse proxy, reliably getting Invalid CSRF Token __CSRFToken__ Invalid CSRF token ...
Read more >
nginx + csrf token issues with reverse proxy - OPNsense Forum
Hi, I have a web-application that up until now used a NAT port-forward. However I need URL-based filtering. As the application is "closed", ......
Read more >
LFS token authorization problem when behind a reverse proxy
LFS token seems to override standard Authorization header (so can pass auth in reverse proxy) with LFS token, that is not correct for...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Feature Request: Move image when trained and update name

Next page

train/add/name not working