Cannot login after 1.8.4 upgrade

What is the problem?

After upgrading to 1.8.4 I can no longer log in to the web interface.

What did you already try to solve it?

I tried resetting the password, several times. This did not help, even after restarting.
I tried everything suggested in this thread:

Have you tried running in safe mode?

Yes.

Did running in safe mode solve the problem?

No.

Systeminfo Bundle

You can download this in OctoPrint's System Information dialog ... no bundle, no support!)

Sorry, I can't log in so I can't get a system information bundle.

Additional information about your setup

OctoPrint version, OctoPi version, printer, firmware, browser, operating system, ... as much data as possible

Octoprint version 1.8.4.
OctoPi version 0.18.0
Printer: Anycubic i3 Mega
Firmware: factory default
Browser: Firefox 105.0.1 and Chrome 106.0.5249.103.
Operating system: Raspbian 11 "bullseye".

Output of pip freeze:
acme==1.12.0
appdirs==1.4.4
certbot==1.12.0
certifi==2020.6.20
chardet==4.0.0
ConfigArgParse==1.2.3
configobj==5.0.6
cryptography==3.3.2
distlib==0.3.1
distro==1.5.0
filelock==3.0.12
idna==2.10
importlib-metadata==1.6.0
josepy==1.2.0
more-itertools==4.2.0
parsedatetime==2.6
PyICU==2.5
pyOpenSSL==20.0.1
pyRFC3339==1.1
pytz==2021.1
requests==2.25.1
requests-toolbelt==0.9.1
six==1.16.0
ssh-import-id==5.10
toml==0.10.1
urllib3==1.26.5
virtualenv==20.4.0+ds
zipp==1.0.0
zope.component==4.3.0
zope.event==4.4
zope.hookable==5.0.1
zope.interface==5.2.0

Hello @Erik_Berglund !

You may have a look on this:

I tried implementing the suggested changes for HAproxy. Unfortunately they do not work, they appear to be for an older version of HAproxy. This is the error message I get:

The 'reqadd' directive is not supported anymore since HAProxy 2.1. Use 'http-request add-header' instead.

I assume you must have manually upgraded this install to bullseye at some point then? Did you change anything else?

You should still be able to get the systeminfo bundle over SSH (the blue words are auto-links to the relevant help topics). The other thing to check, if you can get to the login screen, is that there are no errors in your browser console. Open the console, and then try and login and check there are no errors reported in the console. You might see something about CSRF validation failed (most likely if you reached the login screen but nothing else is working)

I tried logging into SSH and typing "octoprint systeminfo", but I just get this message:

Sentry is attempting to send 1 pending error messages
Waiting up to 2 seconds
Press Ctrl-C to quit

And the the program quits without any output.

The browser console displays this error:

This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “”.

This page uses the non standard property “zoom”. Consider using calc() in the relevant property values, or using “transform” along with “transform-origin: 0 0”. [login](https://hostnameredacted/login/?redirect=%2F%3F&permissions=STATUS%2CSETTINGS_READ#temp)

Firefox can’t establish a connection to the server at wss://hostnameredacted/sockjs/510/5aisbqw2/websocket.

EDIT: I did upgrade to bullseye manually, but that was months ago. I did not change anything else.

I have the same issue (cannot login after upgrade) although not sure if the cause is the same.

In my case, the login page say "incorrect username or password", while the POST response is actually:

{"error": "CSRF validation failed"}

The octoprint server is behind a nginx reverse proxy with X-Script-Name been set.

I ended up formatting my SD card and re-installing OctoPi from scratch. I figured that was easier than learning how to configure the proxy.

Just found out a reverse proxy test page was added on 1.8.4 on /reverse_proxy_test.
It turns out that the port numbers are mismatched so do cookies suffix, which caused CSRF fail.

In my case it's a bit tricky due to the HTTP/3 support of nginx and my ISP's blocking of TCP 443. But in general, if you found that you could not login after upgrade, have a look on /reverse_proxy_test.

The other issue is that the login page should show correct error message for CSRF failure, no a misleading "incorrect password".

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.