AWS openhab-cloud setup user login fails with: "ForbiddenError: invalid csrf token"

Maik · December 12, 2021, 3:59pm

Hi,

I lately created an installation of openhab-cloud in my AWS account.
I used the docker-compose approach and used the latest available Docker images.
I am using a subdomain on my domain like openhab.mydomain.com.
I configured that domain in the .env file for DOMAIN_NAME.
I also configured config.template.json like this:

{
    "system": {
      "host": "${DOMAIN_NAME}",
"proxyHost": "openhab.mydomain.com",
      "port": "443",
      "protocol": "https",
(...)

I created a new user.

But now I am not able to login via openhab.mydomain.com.
Whenever I try I get the following exception:
ForbiddenError: invalid csrf token
at csrf (/data/node_modules/csurf/index.js:112:19)
at /opt/openhabcloud/app.js:285:9
(…)

I actually see a hidden form input “_csrf” in the login form.

What could be the problem here?

Thanks in advance,
Maik

Wolfgang_S · December 12, 2021, 6:26pm

Not sure if that will help.
My configuration looks like:

      "host": "myname.mydoamin.com",
      "proxyHost": "home.mydomain.com",
...
      "subDomainCookies": true,

As far as I understand/remember the “home” in proxyHost is necessary as this part of the string seems to be hard coded. myname in host is a placeholder as well as mydomain.com

Maik · December 12, 2021, 7:28pm

Hi Wolfgang,

thanks a lot for your input.

I adopted my config.template.json as you suggested.
I aligned both domain records to point to my ec2 instance.
I rebooted the docker compose setup.

Still the same error

Maik · December 14, 2021, 6:26pm

I have deactivated the subDomainCookies settings in the config.json.
Now I can successfully login with that new user