Too many redirects

MrVinnie · April 19, 2022, 7:33pm

Hi All,

I have successfully installed an instance of corteza, which I can login to and work correctly on a desktop browser. However, as soon as I try and access the same site via a mobile device (iphone & ipad) I can get to the login page. But I then get a “Too Many Redirects” page appear when it is trying to load the ?code= page.
Anyone found a reason for this, I have tried adding the letsencrypt_host and http_ssl_terminated configurations in .env but no improvement.

Any ideas gratefully appreciated!

munawir · April 19, 2022, 8:04pm

Hey @MrVinnie, welcome to the community

I’ve encountered this issue before. it’s because you do a lot of HTTP request in a minute.
(I’m not sure why Corteza does that! cc @tjerman )

however, there is an env called AUTH_REQUEST_RATE_LIMIT with a default value of 60
increase it as much as you want (I set it up to 200)

hope this could help

MrVinnie · April 19, 2022, 10:15pm

Hey @munawir, thanks for the quick reply!
Sadly, this hasn’t fixed the issue, I even set it to 0 to disable it.

I have run it in debug and when hitting the site I am getting:

server_1 | {“level”:“debug”,“ts”:1650406168.121901,“msg”:“redirect URI check for client is disabled (empty validation list)”,“sent”:“https://************/auth/callback”}

Any thoughts?

munawir · April 19, 2022, 10:27pm

I don’t think you can disable it !!
did you try to increase it to 500, just to see if that is the issue

MrVinnie · April 19, 2022, 10:46pm

Sadly, still not fixing the issue I’m afraid.
I have just also tried it on the https://latest.cortezaproject.org/ site with the same results.

I am using the .env setup as:

# General settings
DOMAIN=************
VERSION=2022.3.0

#################################################################################################################>
# Database connection

DB_DSN=dbuser:dbpass@tcp(db:3306)/dbname?collation=utf8mb4_general_ci

#################################################################################################################>
# Server settings

# Serve Corteza webapps alongside API
HTTP_WEBAPP_ENABLED=true

# Send action log to container logs as well
# ACTIONLOG_DEBUG=true

# Uncomment for extra debug info if something goes wrong
LOG_LEVEL=debug

# Use nicer and colorful log instead of JSON
# LOG_DEBUG=true

#################################################################################################################>
# Authentication

# Secret to use for JWT token
# Make sure you change it (>30 random characters) if
# you expose your deployment to outside traffic
AUTH_JWT_SECRET=****************************************************
AUTH_REQUEST_RATE_LIMIT=500

Can you see anything else I am doing wrong?

tjerman · April 20, 2022, 3:46pm

@MrVinnie if you open a private window on your mobile and try it there, does it fix it?

The error you’re seeing is thrown by the auth plugin in case something starts looping which is quite strange.

We’ll take a look and try to resolve it but in the meantime try to (if possible) clear browser local storage (not sure how that is done on mobile) or try using private tabs.

By the way, 2022.3.1 was released earlier today so you should consider updating – it adds a bunch of optimizations.

MrVinnie · April 20, 2022, 3:59pm

Hi @tjerman,

Thanks for the feedback, I have just upgraded to 2022.3.1 same result.
Also the same using private tabs and clearing the browser local storage.

Another interesting fact is that it doesn’t seem to record the login attempt in the audit logs, where it does on the computer.

Hope that helps, I have also tried it on the latest.cortexaproject.org site with private as well, with same results.

Thanks for your help!

MrVinnie · April 21, 2022, 6:34pm

Hi,

Any further ideas? As if we can’t get this to work I need to look at another solution moving forward. Which would be a shame as Corteza would have been a perfect fit!

Many thanks!

munawir · April 21, 2022, 9:42pm

@MrVinnie could you check this topic Upgraded to 2021.3 but cannot access corteza - #17 by Eazyfreight

I know it’s a year old but it wouldn’t hurt if you tried some of the env variables

MrVinnie · April 23, 2022, 7:20pm

Hi,

Thanks for the recommendation, I have tried this and also tried different oAuth settings, with sadly the same results.

tjerman · April 25, 2022, 3:17pm

Nothing new as of now but I was about to take a look at it so we might have some more info sometime this week.

I don’t imagine this being a dealbreaker while you’re in the process of configuring your Low Code app.
We’ll have this resolved so I wouldn’t stress too much about it

tjerman · April 26, 2022, 12:47pm

This issue should be resolved by the next 2022.3 patch.
2022.3.2-rc.1 is expected to release next week

kolski · May 2, 2022, 11:37am

Check your networks:

docker network ls