keystone: Cannot access admin page in product environment

Bug report

Cannot access admin page in product environment Project: demo-projects/meetup and custom with yarn create keystone-app ...

yarn build && yarn start

goto login page http://localhost:3000/admin/signin I tried with nuxt, next. The admin page is still accessible only in the dev environment

System information

OS: Windows

About this issue

Original URL
State: closed
Created 5 years ago
Comments: 24 (15 by maintainers)

Most upvoted comments

My solution here: (And it works for me!)

Enable Proxy Trust Middleware for Express (Edit your index.js of keystone)

module.exports = {
  keystone,
  apps: [
    new GraphQLApp(),
    new AdminUIApp(),
  ],
  configureExpress: app => {
    app.set('trust proxy', 1);
  }
};

Set Proxy Headers (For me, the file to be edited is nginx.conf)

    location /admin/api {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Proto "https";
      proxy_set_header Host $host;
      proxy_pass http://app:3000; 
    }

Set the Cookie Option as usual, then build your app and deploy it, and all is done!

Knowledge Page: https://expressjs.com/en/guide/behind-proxies.html

Shinerising on Mar 13, 2020

This worked for me, thanks @Shinerising

module.exports = {
  keystone,
  apps: [new GraphQLApp(),
  new AdminUIApp({
    name: PROJECT_NAME,
    enableDefaultRoute: true,
    authStrategy
  })
  ],
  //added for successful deployment
  configureExpress: app => {
    app.set('trust proxy', 1)
  }
};

michaelpaulcuccia on Feb 24, 2021

This looks like another case of the secure cookie/proxy issue (#1887). It’s is a complex topic that cuts across Keystone’s internals, project code, deployment config and browser behaviour. I’ve written up what I know here:

Keystone 5: Secure Cookies and Reverse Proxies

Quoting from the TL;DR – you should ensure that…

Connections between the browser and the proxy are secure (ie. over HTTPS)
The proxy is configured to add a X-Forwarded-Proto header to requests
Keystone’s Express server is configured to trust the proxy (ie. trust proxy is set)

molomby on Mar 31, 2020

Could someone having this issue please test the following configuration:

const { Keystone } = require('@keystonejs/keystone');

const keystone = new Keystone({
  secureCookies: false
  /*...rest of config */
});

MadeByMike on Dec 7, 2019

Could someone having this issue please test the following configuration:
const { Keystone } = require('@keystonejs/keystone');

const keystone = new Keystone({
  secureCookies: false
  /*...rest of config */
});
This Worked. Thanks Mike… Are there any concerns for disabling secure cookies? I am only running over https.

that didn´t wor for me

leobar37 on Jan 24, 2021

Also getting this with Nginx reverse proxy. Any solutions out there, or does this need a lib change?

wesbos on Feb 25, 2020

Same Problem here

I am running the server over https:// and still cannot login. Even on the production. if I run yarn dev and go to url, i can login but not when I do yarn start. It will give me wrong password error if I put wrong credentials but right password will only refresh the page. Basically it knows the password is right but not moving forward. works wonderfully when running yarn dev. What can we do?

ghost on Dec 5, 2019