Re: Question regarding mail server - Mailing list pgadmin-support
| From | Christos Roussidis |
|---|---|
| Subject | Re: Question regarding mail server |
| Date | |
| Msg-id | CAPR28xhgX__7sm+JhP5ROLG-UwcDPssr3h_psk6MFa3godx+rg@mail.gmail.com Whole thread Raw |
| In response to | Re: Question regarding mail server (Aditya Toshniwal <aditya.toshniwal@enterprisedb.com>) |
| List | pgadmin-support |
Hi Aditya,
You're right it indeed solves the problem as described. I will report it in the github.
I am facing another problem with the new version 7.5 that was not existent in the 7.3 version.
I am running pgadmin as an apache virtual host based on the official example from the documentation. My config is as follows
/etc/apache2/sites-available/pgadmin.conf
You're right it indeed solves the problem as described. I will report it in the github.
I am facing another problem with the new version 7.5 that was not existent in the 7.3 version.
I am running pgadmin as an apache virtual host based on the official example from the documentation. My config is as follows
/etc/apache2/sites-available/pgadmin.conf
<VirtualHost *:5050>
ServerName pgadmin.example.com
WSGIDaemonProcess pgadmin processes=1 threads=25 python-home=/usr/pgadmin4/venv/
WSGIScriptAlias / /usr/pgadmin4/web/pgAdmin4.wsgi
DocumentRoot /usr/pgadmin4/web
<Directory /usr/pgadmin4/web>
WSGIProcessGroup pgadmin
WSGIApplicationGroup %{GLOBAL}
Options -Indexes -MultiViews
AllowOverride none
Require all granted
</Directory>
</VirtualHost>
In version 7.5 I am accessing pgadmin in http://localhost:5050 and I get the credentials page. When I enter the credentials the page that I am being redirected to is http://localhost/pgadmin4 which doesn't work in the application so there is something wrong behind the scenes redirecting the page which was introduced now. The same exact config was working with version 7.3
I changed the above configuration to the line below. Now everything works as expected but I have to access the page with http://localhost:5050/pgadmin4 which is not the desired behavior.
I changed the above configuration to the line below. Now everything works as expected but I have to access the page with http://localhost:5050/pgadmin4 which is not the desired behavior.
WSGIScriptAlias /pgadmin4 /usr/pgadmin4/web/pgAdmin4.wsgi
There is an old issue describing the exact same problem https://github.com/pgadmin-org/pgadmin4/issues/5454. This behavior was not existent in version 7.3 even though the line that you suggested to remove is there.
Thank you in advance,
Kind regards,
Christos
On Thu, Jul 27, 2023 at 1:18 PM Aditya Toshniwal <aditya.toshniwal@enterprisedb.com> wrote:
Hi Christos,I found the issue. I was using the default config, but it is reproducible with MFA_SUPPORTED_METHODS = ["authenticator"].As a workaround, you can remove MFA_SUPPORTED_METHODS from your config_system. It will show up the email option in 2FA setup but 2FA will work fine.Do you mind reporting the issue here for tracking - https://github.com/pgadmin-org/pgadmin4/issues?On Thu, Jul 27, 2023 at 4:27 PM Christos Roussidis <xristos.roussidis@gmail.com> wrote:This is the log dump I am getting. I have setup the 2FA already with an authenticator and when I log in using my credentials I get the below error.2023-07-27 12:53:14,574: ERROR pgadmin: 'mfa.send_email_code'Traceback (most recent call last):File "/usr/pgadmin4/venv/lib/python3.10/site-packages/flask/app.py", line 1823, in full_dispatch_requestrv = self.dispatch_request()File "/usr/pgadmin4/venv/lib/python3.10/site-packages/flask/app.py", line 1799, in dispatch_requestreturn self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)File "/usr/pgadmin4/venv/lib/python3.10/site-packages/flask_login/utils.py", line 290, in decorated_viewreturn current_app.ensure_sync(func)(*args, **kwargs)File "/usr/pgadmin4/web/pgadmin/authenticate/mfa/views.py", line 137, in validate_viewreturn Response(render_template(File "/usr/pgadmin4/venv/lib/python3.10/site-packages/flask/templating.py", line 147, in render_templatereturn _render(app, template, context)File "/usr/pgadmin4/venv/lib/python3.10/site-packages/flask/templating.py", line 130, in _renderrv = template.render(context)File "/usr/pgadmin4/venv/lib/python3.10/site-packages/jinja2/environment.py", line 1301, in renderself.environment.handle_exception()File "/usr/pgadmin4/venv/lib/python3.10/site-packages/jinja2/environment.py", line 936, in handle_exceptionraise rewrite_traceback_stack(source=source)File "/usr/pgadmin4/web/pgadmin/authenticate/mfa/templates/mfa/validate.html", line 2, in top-level template code{% set page_props = {File "/usr/pgadmin4/venv/lib/python3.10/site-packages/flask/app.py", line 2020, in url_forself.inject_url_defaults(endpoint, values)File "/usr/pgadmin4/venv/lib/python3.10/site-packages/flask/app.py", line 2257, in inject_url_defaultsfunc(endpoint, values)File "/usr/pgadmin4/web/pgadmin/__init__.py", line 883, in add_internal_versionurls = [url for url in app.url_map.iter_rules(endpoint)]File "/usr/pgadmin4/venv/lib/python3.10/site-packages/werkzeug/routing/map.py", line 164, in iter_rulesreturn iter(self._rules_by_endpoint[endpoint])KeyError: 'mfa.send_email_code'On Thu, Jul 27, 2023 at 12:50 PM Aditya Toshniwal <aditya.toshniwal@enterprisedb.com> wrote:Hi Christos,2FA is applicable for server mode only. And I tested in server mode. I used pgAdmin default config.Can you please share the screenshot and logs for v7.5?On Thu, Jul 27, 2023 at 4:05 PM Christos Roussidis <xristos.roussidis@gmail.com> wrote:Hello Aditya,
Thank you for your prompt response,
Did it work on the desktop mode or in server mode? I face that problem in the server mode.
I will send you the configuration I have set
OS: debian 11
pgadmin4 version :7.3 (working, but error is being printed in logs), 7.5 (not working)
config file location: /etc/pgadmin/config_system.py
Contents of config file########################################################################### Two-factor Authentication Configuration########################################################################### Set it to True, to enable the two-factor authenticationMFA_ENABLED = True# Set it to True, to ask the users to register forcefully for the# two-authentication methods on logged-in.MFA_FORCE_REGISTRATION = False# pgAdmin supports Two-factor authentication by either sending an one-time code# to an email, or using the TOTP based application like Google Authenticator.MFA_SUPPORTED_METHODS = ["authenticator"]# NOTE: Please set the 'Mail server settings' to use 'email' as two-factor# authentication method.# Subject for the email verification code# Default: <APP_NAME> - Verification Code# e.g. pgAdmin 4 - Verification CodeMFA_EMAIL_SUBJECT = NoneThese are all the settings that I have and experiencing the issue (also, having postfix installed or not doesn't change anything as the issue persists on two different machines)
Thank you in advance.
Kind Regards,
ChristosOn Thu, Jul 27, 2023 at 12:27 PM Aditya Toshniwal <aditya.toshniwal@enterprisedb.com> wrote:Hi Christos,I tried simply setting up 2FA without SMTP config and things worked fine. No email required and no errors.The password reset is required to send email as pgAdmin needs to send the reset link for the first "email with password" authentication.On Thu, Jul 27, 2023 at 3:34 PM Christos Roussidis <xristos.roussidis@gmail.com> wrote:Hello,
I would like to ask you a question regarding the mail server. So when running pgadmin4 in server mode it requires a mail server to send emails for things like 2FA and password reset.
It seems impossible though to disable that function. Our setup doesn't need a mail server at all as we only use authenticator for the 2FA and admins are able to configure passwords and change them for the rare case that the user needs a reset on them.
On version 7.3 I am getting in logs the error
> 2023-07-27 11:37:09,086: ERROR pgadmin: 'mfa.send_email_code'
The above error on version 7.5 is not silent anymore and even breaks our running pgadmin4 instance. It would really help if we had a toggle switch in the settings where we could completely disable the mail server functionality.
Thank you in advance
--Thanks,Aditya Toshniwal"Don't Complain about Heat, Plant a TREE"--Thanks,Aditya Toshniwal"Don't Complain about Heat, Plant a TREE"--Thanks,Aditya Toshniwal"Don't Complain about Heat, Plant a TREE"
pgadmin-support by date: