Hi, I already installed OpenEdX on Azure and is alive but I haven’t been able to login because none of the default users/pass works.
The error message is always:
We couldn’t sign you in.
- An unexpected error has occurred.
This is my instance: aprende.techo.org
Can somebody give me a hand please?
I’m very new in all this so I’ll have a lot of questions along the way. If there is anybody willing to guide, I’ll be very very thankful.
Hello @kike.ramirez,
Try to check your logs when you login to your platform. From the logs, you will get more idea about what is going wrong underneath.
And if you can’t understand the logs then share the error trace over here so that familiar people will be able to help you.
You can find logs over here: /edx/var/log/lms/edx.log
Hi @jramnai , thanks for the suggestion. Was useful.
When I try to login from my subdomain I get this:
Oct 29 19:59:51 aprende [service_variant=lms][django.security.csrf][env:sandbox] WARNING [aprende 3798] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Oct 29 20:00:01 aprende [service_variant=lms][django.security.csrf][env:sandbox] WARNING [aprende 3798] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Oct 29 20:00:04 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende 3801] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
But when I try to login via localhost within the server wit the remote desktop I get this:
Oct 29 20:03:05 aprende [service_variant=lms][student.helpers][env:sandbox] WARNING [aprende 3794] [user None] [helpers.py:320] - Unsafe redirect parameter detected after login page: 'http://localhost:18010/'
Oct 29 20:03:28 aprende [service_variant=lms][audit][env:sandbox] INFO [aprende 3794] [user 13] [models.py:2450] - Login success - user.id: 13
Oct 29 20:04:06 aprende [service_variant=lms][audit][env:sandbox] INFO [aprende 3801] [user 17] [models.py:2450] - Login success - user.id: 17
Oct 29 20:04:41 aprende [service_variant=lms][student.helpers][env:sandbox] WARNING [aprende 3801] [user 13] [helpers.py:320] - Unsafe redirect parameter detected after login page: 'http://localhost:18010/'
Oct 29 20:04:45 aprende [service_variant=lms][openedx.core.djangoapps.content.block_structure.store][env:sandbox] INFO [aprende 3795] [user 13] [store.py:179] - BlockStructure: Not found in cache; block-v1:edX+DemoX+Demo_Course+type@course+block@course.
Oct 29 20:04:46 aprende [service_variant=lms][openedx.core.djangoapps.content.block_structure.store][env:sandbox] INFO [aprende 3795] [user 13] [store.py:166] - BlockStructure: Added to cache; block-v1:edX+DemoX+Demo_Course+type@course+block@course, size: 14128
Oct 29 20:05:00 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende 3794] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 29 20:06:01 aprende [service_variant=lms][audit][env:sandbox] INFO [aprende 3798] [user 13] [models.py:2460] - Logout - user.id: 13
Oct 29 20:06:36 aprende [service_variant=lms][audit][env:sandbox] INFO [aprende 3797] [user 17] [models.py:2450] - Login success - user.id: 17
Oct 29 20:06:59 aprende [service_variant=lms][student.helpers][env:sandbox] WARNING [aprende 3802] [user 17] [helpers.py:320] - Unsafe redirect parameter detected after login page: 'http://localhost:18010/'
There is anything I can we do to be able to login from my subdomain?
Hi @kike.ramirez,
it looks like this issue might be related to the changes to SameSite cookie behavior:
Do you have CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE set to true in /edx/etc/lms.yml? If not, you can do the following:
/edx/etc/lms.yml and /edx/etc/studio.yml./edx/bin/supervisorctl restart lms cms.EDXAPP_CSRF_COOKIE_SECURE: true
EDXAPP_SESSION_COOKIE_SECURE: true
HI @Agrendalath
Thanks for the suggestion.
I did set both values to true in both files and then restarted lms and cms, but didn’t work. This is the log result after that:
Oct 30 18:55:19 aprende [service_variant=lms][django.security.csrf][env:sandbox] WARNING [aprende 5726] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Oct 30 18:55:23 aprende [service_variant=lms][django.security.csrf][env:sandbox] WARNING [aprende 5733] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Oct 30 19:00:01 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende 5734] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 30 19:05:02 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende 5736] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 30 19:08:51 aprende [service_variant=lms][student.helpers][env:sandbox] WARNING [aprende 5733] [user None] [helpers.py:320] - Unsafe redirect parameter detected after login page: 'http://localhost:18010/'
Oct 30 19:10:02 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende 5734] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 30 19:15:04 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende 5731] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 30 19:20:03 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende 5731] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Hi @kike.ramirez,
I just noticed that you are not using SSL for your page, so my previous suggestion is not going to work. Could either revert it or add SSL to your page?
Before you applied these changes I disabled LAX in my browser and didn’t get this error on your page while trying to log in. Please try testing this (but only after applying one the changes I mentioned above in this comment) with Firefox after setting the following options set about:config:
network.cookie.sameSite.laxByDefault: false
network.cookie.sameSite.noneRequiresSecure: false
Alternatively you could also set:
network.cookie.sameSite.laxByDefault.disabledHosts: aprende.techo.org
Finally got it to work.
What I did?
1. Re installed everything again. I noted that I made a mistake with the config.yml and my-passwords.yml files. On my first installation I saved them in home ~ instead of root / and installed OpenEdX on root / . So for the second installation I saved them in root / and installed also in root.
After that I noticed that I was able to sing-in from firefox with the changes suggested by @Agrendalath.
2. I found this suggesting to change
DCS_SESSION_COOKIE_SAMESITE = 'None'
to
DCS_SESSION_COOKIE_SAMESITE = 'lax'
in common.py ( /edx/app/edxapp/edx-platform/lms/envs ). So I did and worked.
That thread also suggested to add a line in /edx/etc/lms.yml with:
DCS_SESSION_COOKIE_SAMESITE: lax
But I’m not sure if that’s helpful or needed so I didn’t. Do you think that I must add that line in lms.yml?
Thanks in advance,
So, for the record, I tried to add a line in /edx/etx/lms.yml with:
DCS_SESSION_COOKIE_SAMESITE: lax
and then restarted lms, cms and edxapp_worker:
/edx/bin/supervisorctl restart lms cms edxapp_worker:
And that was the easiest fix (I didn’t modified /edx/app/edxapp/edx-platform/lms/envs/common.py this time)
Same error, an worked for me as you said, only editing /edx/etx/lms.yml.
Thank you
For a one-time change it’s fine to apply it there. But this configuration will be lost once you reinstall your instance. If you want to preserve it, you can set EDXAPP_DCS_SESSION_COOKIE_SAMESITE: Lax in your configuration variables.
Thanks!
So, in conclusion summarizing all your comments I guess the solution will be adding the next lines to the config.yml file when installing:
EDXAPP_CSRF_COOKIE_SECURE: true
EDXAPP_SESSION_COOKIE_SECURE: true
EDXAPP_DCS_SESSION_COOKIE_SAMESITE: laxHi @kike.ramirez! Thank you for sharing the solution! I did the same changes, however, still “An error has occurred. Try refreshing the page, or check your Internet connection.”
regards, Yermek