Can't logout from FreshRSS

Dominic.tech · August 18, 2023, 1:29pm

My YunoHost server

Hardware: VPS bought online
YunoHost version: 11.2.3
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

New installation of FreshRSS. When I open the app, it is already logged with the admin account. In the menu, there is a link “Profile”. Under this one, the username of the account is displayed. On a normal installation, it should have a logout link instead.

So, to logout, I have to go on the profile page and click on the logout link in the left panel. But, when I click on this link, it refresh the page and FreshRSS still be connected to the same admin account, even if a message says that i have been disconnected. No logout is possible.

Aleks · August 18, 2023, 2:14pm

It’s probably because you are logged in YunoHost’s sso and will be logged in FreshRSS as long as you don’t log out in YunoHost …

Dominic.tech · August 18, 2023, 2:30pm

Thanks for the reply. Yes I was logged to YunoHost. After your post, I tried to open FreshRSS in another browser not logged in to YunoHost. Once logged in, same problem.

I tried to reinstall FreshRSS, this time I set Visitors for who should have access (first time I set Administrators). If I open FreshRSS in a private window in the browser, it open logged in to the admin user without to enter any logon credentials.

Dominic.tech · August 18, 2023, 3:07pm

I found a workaround that fixed the problem !

github.com/YunoHost-Apps/freshrss_ynh

You don’t have permission to access this page [HTTP Remote-User=]

opened 11:25AM - 10 Jun 22 UTC

mhfowler

After installing FreshRss, on navigating to domain.tld, I see the error …message: ``` Error 403 - Forbidden You don’t have permission to access this page [HTTP Remote-User=] ``` ### Context - Hardware: Running on Digital Ocean VPS - YunoHost version: 4.3.6.3 - I have access to my server: through SSH ### Steps to reproduce - install freshrss - navigate to example.tld (in my case, rss.commoninternet.net) - it redirects to https://rss.commoninternet.net/i/ and displays the error message. if I click, login, it also shows this page again

Based on this workaround, what I did :

Open FreshRSS page where I’m already logged in.
Go to Authentication and change the auth mode to “None”
Go to the profile of the account, change the password.
Go back to Authentication and set the auth mode to “Use a form with Javascript”
Go back to the home page, I’m now disconnected and I can login to the admin account that have now the logout link under the link Profile in the menu.

I had to do the same thing for my other user created (just change its password from my admin account).

Dominic.tech · August 18, 2023, 3:21pm

Hmm here is another problem. My other user have a forbidden error after logon.

I tried to manually edit the file in /var/www/freshrss/data/config.php to set my user as default user and change the auth method to None.

Then, goes to the home page of FreshRSS where i’m logged in to this user automaticly, and repeat the process (change the password in the profile, change again the auth mode to Form using Javascript). Next logon worked fine. But after I deleted my main admin account, I still have a forbidden error page after the login.

It’s really annoying this bug, I dont know why I have it…

Lapineige · August 19, 2023, 1:24pm

From what I understand, it’s completely tied to Yunohost SSO, which means there is no login operation done in FreshRSS, it’s Yunohost that will log you with your Yunohost account in FreshRSS, you can’t connect with another account (except if you use another Yunohost account).

Dominic.tech · August 21, 2023, 12:22pm

Oh, It makes sense! I hadn’t thought of that. So by using the form mode for the connection, it no longer depends on YunoHost…

Thank you.

system · September 20, 2023, 12:23pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.