Failed authentications on pangolin returns 400 error code instead of 401 in the DownStreamStatus field in traefik logs #119

New Issue

Closed

opened 2025-11-13 11:50:34 -06:00 by GiteaMirror · 5 comments

GiteaMirror commented 2025-11-13 11:50:34 -06:00

Owner

Copy Link

Originally created by @LePresidente on GitHub (Mar 4, 2025).

Originally assigned to: @oschwartz10612 on GitHub.

When a failed login attempt is done on pangolin the DownStreamStatus is 400 instead of 401 in the traefik logs

snip from the traefik log

{"ClientAddr":"<redacted>:64974","ClientHost":"<redacted>","DownstreamContentSize":114,"DownstreamStatus":400,"Duration":20032776,"RequestMethod":"POST","RequestPath":"/api/v1/auth/login","RequestProtocol":"HTTP/2.0","RetryAttempts":0,"ServiceName":"api-service@file","StartUTC":"2025-03-04T17:36:36.207121382Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","downstream_Content-Type":"application/json; charset=utf-8","downstream_X-Forwarded-Proto":"https","level":"info","msg":"","origin_Content-Type":"application/json; charset=utf-8","origin_X-Forwarded-Proto":"https","request_Content-Type":"application/json","request_User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36","request_X-Forwarded-For":"<redacted>","request_X-Forwarded-Proto":"https","request_X-Real-Ip":"<redacted>","time":"2025-03-04T17:36:36Z"}

Current Error Code: 400 Bad Request
Expected Error Code: 401 Unauthorized

Note if the error code is 401, crowdsec will automatically catch these as failed login attempts.

Originally created by @LePresidente on GitHub (Mar 4, 2025). Originally assigned to: @oschwartz10612 on GitHub. When a failed login attempt is done on pangolin the DownStreamStatus is 400 instead of 401 in the traefik logs snip from the traefik log ``` {"ClientAddr":"<redacted>:64974","ClientHost":"<redacted>","DownstreamContentSize":114,"DownstreamStatus":400,"Duration":20032776,"RequestMethod":"POST","RequestPath":"/api/v1/auth/login","RequestProtocol":"HTTP/2.0","RetryAttempts":0,"ServiceName":"api-service@file","StartUTC":"2025-03-04T17:36:36.207121382Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","downstream_Content-Type":"application/json; charset=utf-8","downstream_X-Forwarded-Proto":"https","level":"info","msg":"","origin_Content-Type":"application/json; charset=utf-8","origin_X-Forwarded-Proto":"https","request_Content-Type":"application/json","request_User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36","request_X-Forwarded-For":"<redacted>","request_X-Forwarded-Proto":"https","request_X-Real-Ip":"<redacted>","time":"2025-03-04T17:36:36Z"} ``` Current Error Code: 400 Bad Request Expected Error Code: 401 Unauthorized **Note** _if the error code is 401, crowdsec will automatically catch these as failed login attempts._

GiteaMirror added the enhancementapi labels 2025-11-13 11:50:34 -06:00

GiteaMirror closed this issue 2025-11-13 11:50:35 -06:00

GiteaMirror commented 2025-11-13 11:50:35 -06:00

Author

Owner

Copy Link

@oschwartz10612 commented on GitHub (Mar 5, 2025):

I think this is solved by 654ed46. Let me know what you think!

@oschwartz10612 commented on GitHub (Mar 5, 2025): I think this is solved by [654ed46](https://github.com/fosrl/pangolin/commit/654ed46a46d909b225694a76eb0536aba6cc39a8). Let me know what you think!

GiteaMirror commented 2025-11-13 11:50:36 -06:00

Author

Owner

Copy Link

@LePresidente commented on GitHub (Mar 5, 2025):

LGTM!

@LePresidente commented on GitHub (Mar 5, 2025): LGTM!

GiteaMirror commented 2025-11-13 11:50:36 -06:00

Author

Owner

Copy Link

@hhftechnology commented on GitHub (Mar 5, 2025):

bro has reduced a ton of work. i have scraped my phaser project.

@hhftechnology commented on GitHub (Mar 5, 2025): bro has reduced a ton of work. i have scraped my phaser project.

GiteaMirror commented 2025-11-13 11:50:36 -06:00

Author

Owner

Copy Link

@LePresidente commented on GitHub (Mar 5, 2025):

Is there an eta when a release will be done that includes this? Since this leaves local instances open to a degree

@LePresidente commented on GitHub (Mar 5, 2025): Is there an eta when a release will be done that includes this? Since this leaves local instances open to a degree

GiteaMirror commented 2025-11-13 11:50:36 -06:00

Author

Owner

Copy Link

@hhftechnology commented on GitHub (Mar 7, 2025):

Api is giving 401 error

@hhftechnology commented on GitHub (Mar 7, 2025): Api is giving 401 error 

GiteaMirror referenced this issue 2025-11-13 12:12:18 -06:00

[PR #819] [MERGED] Update deps and add dependabot.yml #848

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dependabot/npm_and_yarn/prod-minor-updates-47a8475ba0

dependabot/go_modules/install/minor-updates-a98db8910e

dependabot/github_actions/sigstore/cosign-installer-4.1.0

dependabot/npm_and_yarn/dev-patch-updates-c4a0f28f13

dev

crowdin_dev

delete-domains

dependabot/npm_and_yarn/eslint-10.0.3

dependabot/npm_and_yarn/next-16.1.6

dependabot/npm_and_yarn/recharts-3.7.0

dependabot/go_modules/install/github.com/charmbracelet/huh-1.0.0

dependabot/github_actions/docker/login-action-4.0.0

dependabot/github_actions/actions/setup-node-6.3.0

msg-opt

dependabot/docker/docker/library/node-25-slim

dependabot/github_actions/actions/upload-artifact-7.0.0

dependabot/github_actions/actions/setup-go-6.3.0

cache

multi-role

logs-database

ssh

cloud-multi-org

delete-account

new-pricing

msg-delivery

org-only-idp

cicd

clients-user

1.12.3

policies

patch

site-targets-auto-login

1.16.2-s.9

1.16.2-s.8

1.16.2-s.7

1.16.2-s.6

1.16.2-s.5

1.16.2-s.4

1.16.2-s.3

1.16.2-s.2

1.16.2-s.1

1.16.2

1.16.2-s.0

1.16.1-s.1

1.16.1

1.16.1-s.0

1.16.0

1.16.0-s.1

1.16.0-s.0

1.16.0-rc.0

1.15.4-s.10

1.15.4-s.9

1.15.4-s.8

1.15.4-s.7

1.15.4-s.6

1.15.4-s.5

1.15.4-s.4

1.15.4-s.3

1.15.4-s.2

1.15.4-s.1

1.15.4

1.15.4-s.0

1.15.3

1.15.3-s.1

1.15.3-s.0

1.15.2

1.15.1-s.1

1.15.1-s.0

1.15.1

1.15.0-s.5

1.15.0

1.15.0-s.4

1.15.0-s.3

1.15.0-s.2

1.15.0-s.1

1.15.0-s.0

1.15.0-rc.0

1.14.1-s.3

1.14.1-s.2

1.14.1-s.1

1.14.1-s.0

1.14.1

1.14.0-s.2

1.14.0

1.14.0-rc.0

1.13.1

1.13.1-s.0

1.13.0

1.13.0.s.0

1.13.0-rc.0

1.12.2-s.5

1.12.3

1.12.2-s.4

1.12.2-s.3

1.12.2-s.2

1.12.2-s.1

1.12.2

1.12.2-s.0

1.12.1

1.12.0

1.12.0-s.0

1.12.0-rc.0

1.11.1

1.11.1-s.0

1.11.0-s.5

1.11.0

1.11.0-s.4

1.11.0-s.3

1.11.0-s.2

1.11.0-s.1

1.11.0-s.0

1.10.3

1.10.2

1.10.1

1.10.0

1.9.4

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.3

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.0

1.3.2

1.3.1

1.3.0

1.2.0

1.1.0

1.0.1

1.0.0

1.0.0-beta.15

1.0.0-beta.14

1.0.0-beta.13

1.0.0-beta.12

1.0.0-beta.11

1.0.0-beta.10

1.0.0-beta.9

1.0.0-beta.8

1.0.0-beta.7

1.0.0-beta.6

1.0.0-beta.5

1.0.0-beta.4

1.0.0-beta.3

1.0.0-beta.2

1.0.0-beta.1

Labels

Clear labels

api

authentication

bug

config

dependencies

docker

documentation

enhancement

good first issue

help wanted

Improvement

Look Into

needs investigating

networking

new feature

non-critical bug

potential bug

pull-request

Mirrored from GitHub Pull Request

question

reverse proxy

Security

stale

ui

No Label api enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/pangolin#119