Please some help loging-in!

Hi, I already installed OpenEdX on Azure and is alive but I haven’t been able to login because none of the default users/pass works.

The error message is always:

We couldn’t sign you in.

  • An unexpected error has occurred.

This is my instance: aprende.techo.org

Can somebody give me a hand please?

I’m very new in all this so I’ll have a lot of questions along the way. If there is anybody willing to guide, I’ll be very very thankful.

Hello @kike.ramirez,

Try to check your logs when you login to your platform. From the logs, you will get more idea about what is going wrong underneath.

And if you can’t understand the logs then share the error trace over here so that familiar people will be able to help you.

You can find logs over here: /edx/var/log/lms/edx.log

Hi @jramnai , thanks for the suggestion. Was useful.

When I try to login from my subdomain I get this:

Oct 29 19:59:51 aprende [service_variant=lms][django.security.csrf][env:sandbox] WARNING [aprende  3798] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Oct 29 20:00:01 aprende [service_variant=lms][django.security.csrf][env:sandbox] WARNING [aprende  3798] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Oct 29 20:00:04 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende  3801] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"

But when I try to login via localhost within the server wit the remote desktop I get this:

Oct 29 20:03:05 aprende [service_variant=lms][student.helpers][env:sandbox] WARNING [aprende  3794] [user None] [helpers.py:320] - Unsafe redirect parameter detected after login page: 'http://localhost:18010/'
Oct 29 20:03:28 aprende [service_variant=lms][audit][env:sandbox] INFO [aprende  3794] [user 13] [models.py:2450] - Login success - user.id: 13
Oct 29 20:04:06 aprende [service_variant=lms][audit][env:sandbox] INFO [aprende  3801] [user 17] [models.py:2450] - Login success - user.id: 17
Oct 29 20:04:41 aprende [service_variant=lms][student.helpers][env:sandbox] WARNING [aprende  3801] [user 13] [helpers.py:320] - Unsafe redirect parameter detected after login page: 'http://localhost:18010/'
Oct 29 20:04:45 aprende [service_variant=lms][openedx.core.djangoapps.content.block_structure.store][env:sandbox] INFO [aprende  3795] [user 13] [store.py:179] - BlockStructure: Not found in cache; block-v1:edX+DemoX+Demo_Course+type@course+block@course.
Oct 29 20:04:46 aprende [service_variant=lms][openedx.core.djangoapps.content.block_structure.store][env:sandbox] INFO [aprende  3795] [user 13] [store.py:166] - BlockStructure: Added to cache; block-v1:edX+DemoX+Demo_Course+type@course+block@course, size: 14128
Oct 29 20:05:00 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende  3794] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 29 20:06:01 aprende [service_variant=lms][audit][env:sandbox] INFO [aprende  3798] [user 13] [models.py:2460] - Logout - user.id: 13
Oct 29 20:06:36 aprende [service_variant=lms][audit][env:sandbox] INFO [aprende  3797] [user 17] [models.py:2450] - Login success - user.id: 17
Oct 29 20:06:59 aprende [service_variant=lms][student.helpers][env:sandbox] WARNING [aprende  3802] [user 17] [helpers.py:320] - Unsafe redirect parameter detected after login page: 'http://localhost:18010/'

Here is the full log

There is anything I can we do to be able to login from my subdomain?

Hi @kike.ramirez,
it looks like this issue might be related to the changes to SameSite cookie behavior:

Do you have CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE set to true in /edx/etc/lms.yml? If not, you can do the following:

  1. Set them to true in both /edx/etc/lms.yml and /edx/etc/studio.yml.
  2. Restart your LMS with /edx/bin/supervisorctl restart lms cms.
  3. If the login works fine now, the set these variables in your deployment configurations to retain them between deployments:
    EDXAPP_CSRF_COOKIE_SECURE: true
    EDXAPP_SESSION_COOKIE_SECURE: true
    

HI @Agrendalath

Thanks for the suggestion.

I did set both values to true in both files and then restarted lms and cms, but didn’t work. This is the log result after that:

Oct 30 18:55:19 aprende [service_variant=lms][django.security.csrf][env:sandbox] WARNING [aprende  5726] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Oct 30 18:55:23 aprende [service_variant=lms][django.security.csrf][env:sandbox] WARNING [aprende  5733] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Oct 30 19:00:01 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende  5734] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 30 19:05:02 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende  5736] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 30 19:08:51 aprende [service_variant=lms][student.helpers][env:sandbox] WARNING [aprende  5733] [user None] [helpers.py:320] - Unsafe redirect parameter detected after login page: 'http://localhost:18010/'
Oct 30 19:10:02 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende  5734] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 30 19:15:04 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende  5731] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/"
Oct 30 19:20:03 aprende [service_variant=lms][openedx.core.lib.log_utils][env:sandbox] INFO [aprende  5731] [user None] [log_utils.py:37] - ApiKeyHeaderPermission used: ip="127.0.0.1", path="/notifier_api/v1/users/" 

Here is the complete log file

Hi @kike.ramirez,
I just noticed that you are not using SSL for your page, so my previous suggestion is not going to work. Could either revert it or add SSL to your page?

Before you applied these changes I disabled LAX in my browser and didn’t get this error on your page while trying to log in. Please try testing this (but only after applying one the changes I mentioned above in this comment) with Firefox after setting the following options set about:config:

network.cookie.sameSite.laxByDefault: false
network.cookie.sameSite.noneRequiresSecure: false

Alternatively you could also set:

network.cookie.sameSite.laxByDefault.disabledHosts: aprende.techo.org

Finally got it to work.

What I did?

1. Re installed everything again. I noted that I made a mistake with the config.yml and my-passwords.yml files. On my first installation I saved them in home ~ instead of root / and installed OpenEdX on root / . So for the second installation I saved them in root / and installed also in root.

After that I noticed that I was able to sing-in from firefox with the changes suggested by @Agrendalath.

2. I found this suggesting to change

DCS_SESSION_COOKIE_SAMESITE = 'None'

to

DCS_SESSION_COOKIE_SAMESITE = 'lax'

in common.py ( /edx/app/edxapp/edx-platform/lms/envs ). So I did and worked.

That thread also suggested to add a line in /edx/etc/lms.yml with:

DCS_SESSION_COOKIE_SAMESITE: lax

But I’m not sure if that’s helpful or needed so I didn’t. Do you think that I must add that line in lms.yml?

Thanks in advance,

1 Like

So, for the record, I tried to add a line in /edx/etx/lms.yml with:

DCS_SESSION_COOKIE_SAMESITE: lax

and then restarted lms, cms and edxapp_worker:

/edx/bin/supervisorctl restart lms cms edxapp_worker:

And that was the easiest fix (I didn’t modified /edx/app/edxapp/edx-platform/lms/envs/common.py this time)

1 Like

Same error, an worked for me as you said, only editing /edx/etx/lms.yml.

Thank you

1 Like

For a one-time change it’s fine to apply it there. But this configuration will be lost once you reinstall your instance. If you want to preserve it, you can set EDXAPP_DCS_SESSION_COOKIE_SAMESITE: Lax in your configuration variables.

1 Like