[Django] ERROR (EXTERNAL IP): Internal Server Error: /mailman3/accounts/XXXXX/login/
Where XXXXX from the subject implies github|fedora|openid|gitlab, etc, I edited my settings.py and removed those references to socialaccount auth providers, except google:
INSTALLED_APPS = ( 'hyperkitty', 'postorius', 'django_mailman3', # Uncomment the next line to enable the admin: 'django.contrib.admin', # Uncomment the next line to enable admin documentation: # 'django.contrib.admindocs', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'django.contrib.messages', 'django.contrib.staticfiles', 'rest_framework', 'django_gravatar', 'compressor', 'haystack', 'django_extensions', 'django_q', 'allauth', 'allauth.account', 'allauth.socialaccount', 'allauth.socialaccount.providers.google' )
On a daily basis, I get messages like below, referring to all those socialaccount auth providers that I removed. I am beginning to think that MM3 is reading a file other than that which I think it should.
PS: I have restarted mailman, uwsgi, apache, and even the whole server.
These messages just won't go away.
Whole message here: Ubuntu Pastebin <https://pastebin.ubuntu.com/p/QPYDtXg5Fn/>
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft.", egrep -v '^$|^.*#' :-)
Odhiambo Washington writes:
Where XXXXX from the subject implies github|fedora|openid|gitlab, etc, I edited my settings.py and removed those references to socialaccount auth providers, except google:
It's clear enough:
Internal Server Error: /mailman3/accounts/gitlab/login/
DoesNotExist at /accounts/gitlab/login/
SocialApp matching query does not exist.Mailman is doing the right thing here: it assumes the remote user knows what they're doing, tries the auth provider, and discovers it doesn't exist, so it reports an error. Mailman is not responsible for the query; some third party is. You're dealing with the Internet -- we can't help you with what third parties do.
The one possible link to Mailman is that somehow mailman-web is offering social auth using those providers to users. When you log out of Postorius/ HyperKitty, then try to log back in, does the application offer login through any social auth other than Google? If so, that may be the problem, but I don't know how that can happen: the social auth offered is based on querying the providers installed by settings.py. And the person initiating the login would presumably be your user, who I would imagine would complain if they were trying to use social auth and it failed for them. Perhaps it's a user's browser cache.
If mailman-web doesn't offer social auth, it's something else. The reverse DNS lookup says it's coming from REMOTE_ADDR = '185.191.171.20' which is "20.bl.bot.semrush.com", where semrush is an SEO company. The "bot" part is suggestive of an automated attack, but who knows.
Steve
On 10/22/21 2:24 AM, Odhiambo Washington wrote:
Where XXXXX from the subject implies github|fedora|openid|gitlab, etc, I edited my settings.py and removed those references to socialaccount auth providers, except google:
Did you also remove them from SOCIALACCOUNT_PROVIDERS? Did you remove them from Social Accounts › Social applications in the Django admin UI? Do the buttons for the other providers show up in the web ui?
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (3)
-
Mark Sapiro -
Odhiambo Washington -
Stephen J. Turnbull