[Firefly III] Errors when creating new asset account or personal access token

stefanmajonez · October 19, 2023, 8:48am

My YunoHost server

Hardware: mid-range desktop PC
YunoHost version: 11.2.4
I have access to my server : Through SSH and webadmin | direct access via keyboard, if I drive to it
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : yes
If yes, please explain:
I had trouble creating a Firefly III account after a fresh installation, so I followed this solution. After creating an account, I reverted those changes.
Also, I’ve read this issue, and for the time being my Firefly III installation is open to all visitors. Obviously not ideal for a personal banking and budgeting app.

Description of my issue

I’m trying to create a new banking account. I go to accounts → asset accounts, click “create new asset account”, fill in the data, and click “store new asset account”. The website then loads for approximately a minute, then displays " 504 Gateway Time-out" from Nginx.

[2023-10-19 09:47:21] local.ERROR: Exception is: {"class":"FireflyIII\\Exceptions\\FireflyException","errorMessage":"Failed to authenticate on SMTP server with username \"name\" using the following authenticators: \"LOGIN\", \"PLAIN\". Authenticator \"LOGIN\" returned \"Expected response code \"235\" but got code \"535\", with message \"535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6\".\". Authenticator \"PLAIN\" returned \"Expected response code \"235\" but got code \"535\", with message \"535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6\".\".","time":"Thu, 19 Oct 2023 09:47:21 +0200","file":"\/var\/www\/firefly-iii\/app\/Jobs\/MailError.php","line":103,"code":0,"version":"6.0.5","url":"https:\/\/firefly.hostname.com\/accounts\/store?q=accounts%2Fstore","userAgent":"Mozilla\/5.0 (X11; Linux x86_64; rv:109.0) Gecko\/20100101 Firefox\/118.0","json":true,"method":"POST"}

Another error happens if I try creating a personal access token. Go to Options → Profile → OAuth, click “create new token”, type in a name and click “create”. This time, the website does nothing for approximately a minute, then displays " Whoops! Something went wrong! * Something went wrong. Please try again." on a red background.

[2023-10-19 10:34:27] local.ERROR: Exception is: {"class":"FireflyIII\\Exceptions\\FireflyException","errorMessage":"Expected response code \"250\/251\/252\" but got code \"550\", with message \"550 5.1.1 <name@hostname.com>: Recipient address rejected: User unknown in virtual mailbox table\".","time":"Thu, 19 Oct 2023 10:34:27 +0200","file":"\/var\/www\/firefly-iii\/app\/Jobs\/MailError.php","line":103,"code":0,"version":"6.0.5","url":"https:\/\/firefly.hostname.com\/oauth\/personal-access-tokens?q=oauth%2Fpersonal-access-tokens","userAgent":"Mozilla\/5.0 (X11; Linux x86_64; rv:109.0) Gecko\/20100101 Firefox\/118.0","json":true,"method":"POST"}

I replaced my name with “name” and my hostname with “hostname.com” in error messages.

Thank you very much for any help!

wbk · October 19, 2023, 10:23pm

Hi Stefan,

Welcome to the forums!

I don’t know Firefly, but I can read the error message (after some copy/pasting )

stefanmajonez:

[2023-10-19 09:47:21] local.ERROR: Exception is:
{"class":"FireflyIII\\Exceptions\\FireflyException",

"errorMessage":"Failed to authenticate on SMTP server with username \"name\" using the following authenticators: \"LOGIN\", \"PLAIN\".

Authenticator \"LOGIN\" returned \"Expected response code \"235\" but got code \"535\", with message \"535 5.7.8

Error: authentication failed: UGFzc3dvcmQ6\".\".

Authenticator \"PLAIN\" returned \"Expected response code \"235\" but got code \"535\", with message \"535 5.7.8

Error: authentication failed: UGFzc3dvcmQ6\".\".",

"time":"Thu, 19 Oct 2023 09:47:21 +0200",
"file":"\/var\/www\/firefly-iii\/app\/Jobs\/MailError.php","line":103,"code":0,"version":"6.0.5","

url":"https:\/\/firefly.hostname.com\/accounts\/store?q=accounts%2Fstore",

"userAgent":"Mozilla\/5.0 (X11; Linux x86_64; rv:109.0) Gecko\/20100101 Firefox\/118.0","json":true,"method":"POST"}

It complains that it can not get access to email with the settings you provided.

I also had a look at the threads you linked. The suggestion there is to add the mail configuration in the settings.

I think that after reverting your reversion, Firefly can send emails again.

(The second thread, about the login page, is not of concern in this case. Take note that only the login page of Firefly is accessible to all visitors, of course not the contents)

stefanmajonez · October 20, 2023, 7:32pm

Thank you very much for your reply!

I re-reverted the changes, and still the same errors appear:

Trying to create an account

[2023-10-20 21:25:04] local.ERROR: Exception is: {"class":"FireflyIII\\Exceptions\\FireflyException","errorMessage":"Failed to authenticate on SMTP server with username \"name\" using the following authenticators: \"LOGIN\", \"PLAIN\". Authenticator \"LOGIN\" returned \"Expected response code \"235\" but got code \"535\", with message \"535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6\".\". Authenticator \"PLAIN\" returned \"Expected response code \"235\" but got code \"535\", with message \"535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6\".\".","time":"Fri, 20 Oct 2023 21:25:04 +0200","file":"\/var\/www\/firefly-iii\/app\/Jobs\/MailError.php","line":103,"code":0,"version":"6.0.5","url":"https:\/\/firefly.hostname.com\/accounts\/store?q=accounts%2Fstore","userAgent":"Mozilla\/5.0 (X11; Linux x86_64; rv:109.0) Gecko\/20100101 Firefox\/118.0","json":true,"method":"POST"}

Trying to create a token

[2023-10-20 21:25:54] local.ERROR: Exception is: {"class":"FireflyIII\\Exceptions\\FireflyException","errorMessage":"Failed to authenticate on SMTP server with username \"name\" using the following authenticators: \"LOGIN\", \"PLAIN\". Authenticator \"LOGIN\" returned \"Expected response code \"235\" but got code \"535\", with message \"535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6\".\". Authenticator \"PLAIN\" returned \"Expected response code \"235\" but got code \"535\", with message \"535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6\".\".","time":"Fri, 20 Oct 2023 21:25:54 +0200","file":"\/var\/www\/firefly-iii\/app\/Jobs\/MailError.php","line":103,"code":0,"version":"6.0.5","url":"https:\/\/firefly.hostname.com\/oauth\/personal-access-tokens?q=oauth%2Fpersonal-access-tokens","userAgent":"Mozilla\/5.0 (X11; Linux x86_64; rv:109.0) Gecko\/20100101 Firefox\/118.0","json":true,"method":"POST"}

I have not done anything to the e-mail stack on Yunohost, as I don’t want to handle e-mails myself, I use an e-mail provider, therefore the MX, MTA and other required DNS records are set to that provider and not the Yunohost server. Would that be a problem for Firefly?

wbk · October 20, 2023, 7:56pm

Ok, next thing: I tried to find what the error code means, and had the luck not to find the actual meaning, but other people with a similar problem.

I searched for “smtp login plain return code 235” and got a result on stackoverflow: php - Authenticator LOGIN returned Expected response code 235 but got code "535", with message "535 Incorrect authentication data " - Stack Overflow

It is not specific for Firefly, but it is almost literally the same error.

People have their problem solved by enveloping their password in quotes. In some cases they changed the password and had to wait a while for the change to propagate. Depending on the email provider, they also had to tell the provider to allow clients outside their webmail. See the linked thread for details.

Good luck!

stefanmajonez · October 20, 2023, 9:45pm

So I should put login credentials to my e-mail provider / e-mail account? I don’t really want to do that, so I guess Firefly isn’t for me if it doesn’t work without access to my e-mail.

Thanks for your efforts!

wbk · October 20, 2023, 11:20pm

I don’t know what the account is used for. Maybe just to send status messages? You could give it a try with correct settings for a random mail account.

Firefly is self-hosted, which in my view is more trustworthy than hosted services. Though shadowy code might be included, the same goes for any software on your devices. The software can use the credentials to send mail via SMTP. If SMTP and IMAP use the same server and same credentials, it could be used to read your mail. Just as your mail client could.

There is an attack surface that you enable by setting account credential for email, but any program could read all it has access to and write it to an adversarial API.

This does not sound spooky, does it? I want to reassure you, not worry you

TL;DR:

I don’t know what Firefly needs the credentials for. Maybe it sends a mail for 2 factor authentication?
If I trusted Firefly with my banking, I’d trust it with a mail account as well (perhaps creating a mailbox just for Firefly)
Perhaps other people also wonder why Firefly needs an email account. Firefly might have a forum as well

stefanmajonez · October 21, 2023, 8:30am

I found a solution?

First off, I changed the config to this:

MAIL_MAILER=log

This circumvents the entire e-mail issue, since it will now output all messages to a plaintext log.
Suddenly, creating a user token worked, but unfortunately I couldn’t add a new bank account - “User has no administration ID. This error occured in file /var/www/firefly-iii/app/User.php on line 315 with code 0.”

So, I created a new user account on Firefly, and everything works as expected.

My guess is, somehow the first default administration account isn’t created properly? Although I didn’t see any mention of user groups anywhere in the Firefly GUI, looking at the php code mentioned in the error message, class User apparently has a field called user_group_id, and if it’s equal to 0 it throws this error. Maybe the default, first user doesn’t have its groups set up properly?

I’m not sure what the issue is, but creating a new user account and using it fixed the problem.

system · November 5, 2023, 8:30am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.