Romulus
·
Added a discussion
Login form and Google Connect after upgrade to 14.0.0-RC4 TO 14.0.0-RC5

After upgrade Google Connect I encountered the error: “State parameter doesn’t match,” and the login form displays Token expired. Please try again.which prevents login or create new accounts to the website. I cleared the cache via ssh from the folders, as I no longer have access to the studio, and I also restarted the memcached server, but there was no change. Additionally, I cleared the cache from the browser. I will check the logs to see if I can find any errors.

UPDATE:

  1. I have uninstaled manualy in phpmyadmin Google Connect, I manually replaced all the files of UNA 14.0.0-RC5 core with fresh files from UNA MARKET and only added the old storage folder from the previous site, along with the the old modules and the header.inc.php file. I also deleted the install folder, so all core files have been replaced. However, the login error persists. I will manually repl;ace all the module folders to see if this upgrade can be successfully completed or not. The login error persist: Token expired. Please try again.
  2. I tested with both php8.1 and php8.2 the same error The login error persist: Token expired. Please try again.

cat logs/sys_modules.log

Apr 02 02:31:42 [0] CRON :
[upgrade] Cannot get a list of modules which require to be updated.
Apr 02 03:03:06 [0] CRON Array
(
  [0] => :
[upgrade] Successfully updated modules:
  [1] => Array
    (
      [bx_artificer] => 14.0.9
      [bx_convos] => 14.0.3
      [bx_developer] => 14.0.6
      [bx_forum] => 14.0.6
      [bx_en] => 14.0.9
      [bx_notifications] => 14.0.8
      [bx_payment] => 14.0.9
      [bx_timeline] => 14.0.9
    )

)
Apr 03 02:30:02 [0] CRON :
[upgrade] Cannot get a list of modules which require to be updated.

cat logs/upgrade.log

--------- 2024-12-07T04:38:03+00:00
14.0.0.RC1-14.0.0.RC2 upgrade will be applied
Files permissions are ok and can be overwritten
Files copying successfully completed
Deprecated files were successfully deleted or there is no files to delete
System files hash was successfully updated
System SQL script was successfully executed
The following languages will be affected for system:
 - No languages will be affected
System after update custom script was successfully executed




--------- 2025-02-06T03:01:10+00:00
14.0.0.RC2-14.0.0.RC3 upgrade will be applied
Files permissions are ok and can be overwritten
Files copying successfully completed
Deprecated files were successfully deleted or there is no files to delete
System files hash was successfully updated
System SQL script was successfully executed
The following languages will be affected for system:
 - No languages will be affected
System after update custom script was successfully executed




--------- 2025-03-11T03:01:01+00:00
14.0.0.RC3-14.0.0.RC4 upgrade will be applied
Files permissions are ok and can be overwritten
Files copying successfully completed
Deprecated files were successfully deleted or there is no files to delete
System files hash was successfully updated
System SQL script was successfully executed
The following languages will be affected for system:
 - No languages will be affected
System after update custom script was successfully executed




--------- 2025-04-02T03:02:01+00:00
14.0.0.RC4-14.0.0.RC5 upgrade will be applied
Files permissions are ok and can be overwritten
Files copying successfully completed
Deprecated files were successfully deleted or there is no files to delete
System files hash was successfully updated
System SQL script was successfully executed
The following languages will be affected for system:
 - No languages will be affected
  • 1239
Comments

    • It can happen if the block or page with login form is cached, so token parameter isn't renewing, it can be if you enabled cache for this block or this page in Studio, or maybe you are using some caching settings in your webserver, or maybe you are using Cloudflare with caching enabled.

      • I just enabled memcached from studio settings, www.example.com/studio/settings.php and it works perfectly on all previous versions, except this version.

        my default.conf :

        server {
    listen 8080 default_server;
    server_name localhost;

    root /opt/una;
    client_max_body_size 2048M;

    ###########################################################################
    ## Client Timeout                                                        ##
    ###########################################################################

    ## request timed out -- default 60
    # read timeout for the request body from client, its set for testing purpose
    client_body_timeout 3600;

    # how long to wait for the client to send a request header, its set for testing purpose
    client_header_timeout 3600;

    # server will close connection after this time
    keepalive_timeout 3600;

    ## if client stop responding, free up memory -- default 60
    send_timeout 3600;

    ## Reset lingering timed out connections. Deflect DDoS.
    ## allow the server to close connection on non responding client, this will free up memory
    reset_timedout_connection on;

    ###########################################################################
    ## Proxy Timeout                                                         ##
    ###########################################################################

    proxy_connect_timeout 3600;
    proxy_send_timeout 3600;
    proxy_read_timeout 3600;

    ###########################################################################
    ## Location /                                                            ##
    ###########################################################################

    location / {
        index index.html index.htm index.php;

        rewrite "^/page/(.*)$" /page.php?i=$1 last;
        rewrite "^/m/(.*)$" /modules/index.php?r=$1 last;
        rewrite "^/s/([a-zA-Z0-9_]+)/([a-zA-Z0-9\.]+)" /storage.php?o=$1&f=$2 last;

        if (!-e $request_filename) {
            rewrite  ^/(.+) /r.php?_q=$1  last;
            break;
        }

        # Block requests with suspicious patterns
         ($query_string ~* "(\%60|\%7C|\%26|\%24|\%3B|\%28|\%29)") {
         403;
        #}
    }


    index index.php index.html index.htm;

    location ~ \.php$ {
        fastcgi_pass php:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;

        # Timeout
        fastcgi_connect_timeout 3500;
        fastcgi_send_timeout 3500;
        fastcgi_read_timeout 3500;

        # Buffers
        fastcgi_buffer_size 128k;
        fastcgi_buffers 8 256k;
        fastcgi_busy_buffers_size 512k;
        fastcgi_temp_file_write_size 512k;
    }

    ###########################################################################
    ## serve static files directly Tanks to Alex T https://una.io/u/alex-t   ##
    ###########################################################################
   
    location ~* ^(/cache_public/|/plugins_public/|/modules/|/studio/|/template/).+\.(jpg|jpeg|gif|css|png|js|ico|svg|eot|ttf|woff|woff2|)$ {
        access_log        off;
        expires           1h;
        # root /opt/una
        # add_header Cache-Control "public";
        try_files       $uri =404;
    }

    ###########################################################################
    ## deny access to hidden files                                           ##
    ###########################################################################

        location ~ /(\.ht|\.git) {
        deny  all;
    }

    ###########################################################################
    ## deny access to specific folders                                       ##
    ###########################################################################

    location ~ ^/(cache/|storage/|logs/|plugins/|tmp/) {
        deny  all;
    }

    ###########################################################################
    ## Memcached Integration                                                 ##
    ###########################################################################

    location /memcached {
        # Example using just the URI as the key
        # set $memcached_key $uri;
        # Set the Memcached key with the prefix
        # set $memcached_key "${key_prefix}${uri}${is_args}${args}";

        # Example with query parameters included
         $memcached_key $uri$is_args$args;

        # Example with a custom key
	    # set $memcached_key "key-$uri-$arg_user_id";
        set $key_prefix "site1_";
        set $memcached_key "${key_prefix}${uri}${is_args}${args}";

        # Pass the key to the Memcached server
        memcached_pass dragonflydb_cluster;

        # Define the response type
        default_type application/json;

        # Handle errors
        error_page 404 = /memcached_not_found;
    }

    location = /memcached_not_found {
        return 404 "{\"error\": \"Not found in Memcached\"}";
    }
}

        my mecached.conf

        upstream dragonflydb_cluster {
    server 127.0.0.1:11211;
    server 127.0.0.1:11212;
    server 127.0.0.1:11213;
}

        And indeed I have a cache for requests in front of the site, It's still experimental but it speeds up my website

        my reverse proxy: https://github.com/kabballa/una-reverse-proxy

        • And indeed I have a cache for requests in front of the site, It's still experimental but it speeds up my website
          my reverse proxy: https://github.com/kabballa/una-reverse-proxy

          Please try to disable this, to see if this cause the issue.

          • We cannot disable the reverse proxy, because it serves multiple sites, it accelerates them and automatically manages digital certificates, but we will disable any manual manipulation of the Set-Cookie headers in our Caddy configuration:

            # Removed: # Set-Cookie "SameSite=None; Secure; HttpOnly; Path=/"

            From now on, all cookie handling will be managed entirely by the PHP backend, and the reverse proxy will simply forward the headers as-is.

            We’ve tested this setup with UNA 14.0.0-RC5 and the Google Connect login flow and it appears to be working correctly now.

            Thanks @Alex T⚜️ for the update and for pointing us in the right direction!

            https://github.com/kabballa/una-reverse-proxy/commit/c8f5f0507cecf50ea267e3728c718bf9e82c70eb

            Login or Join to comment.