CSRF token verification failed - Zammad version: 3.3.0

  • Used Zammad version: 3.3.0
  • Used Zammad installation source: (source, package, …) via deb
  • Operating system: ubuntu 18.04
  • Browser + version: chrome

Expected behavior:

  • sign in to zammad

Actual behavior:

  • CSRF token verification failed

Steps to reproduce the behavior:

  • I signed out from my session because I had problems with facebook integration
  • I typed my email address and password to sign in again
  • A wrong user ID password pop-up showed up
  • So I went to the Rails console and changed my password in the database
  • I reconnected but failed
  • I uninstalled Zammad and reinstalled it and did all the steps correctly, but when I tried to sign in this time, "CSRF token verification failed" showed up.
  • When I inspect, this shows up.
    [Screenshot 2020-03-11 at 4.31.56 PM]
    Here is what I am getting in the production log

```
E, [2020-03-12T02:30:50.663951 #12208-47368702367540] ERROR – : Retrying SearchIndexJob in #<Proc:0x00005629c5b9f100@/opt/zammad/app/jobs/search_index_job.rb:6 (lambda)> seconds, due to a StandardError. The original exception was nil.
I, [2020-03-12T02:30:50.692557 #12208-47368702367540] INFO – : Enqueued SearchIndexJob (Job ID: 928fd70f-34ae-468b-ae22-afdaccef21a4) to DelayedJob(default) at 2020-03-12 02:31:40 UTC with arguments: “StatsStore”, 2
I, [2020-03-12T02:30:50.700776 #12208-47368702367540] INFO – : 2020-03-12T02:30:50+0000: [Worker(host:ns352993 pid:12208)] Job SearchIndexJob [928fd70f-34ae-468b-ae22-afdaccef21a4] from DelayedJob(default) with arguments: [“StatsStore”, 2] (id=17995)$
I, [2020-03-12T02:30:50.709780 #12208-47368702367540] INFO – : 2020-03-12T02:30:50+0000: [Worker(host:ns352993 pid:12208)] Job SearchIndexJob [91555ede-ed40-4e3f-bc10-5e348b22fac7] from DelayedJob(default) with arguments: [“StatsStore”, 3] (id=17996)$
I, [2020-03-12T02:30:50.741129 #12208-47368702367540] INFO – : Performing SearchIndexJob (Job ID: 91555ede-ed40-4e3f-bc10-5e348b22fac7) from DelayedJob(default) with arguments: “StatsStore”, 3
I, [2020-03-12T02:30:50.759360 #12208-47368702367540] INFO – : # curl -X post “http://localhost:9200/zammad_production_stats_store/_doc/3?pipeline=zammad307582291620
I, [2020-03-12T02:30:50.764929 #12208-47368702367540] INFO – : # 400
E, [2020-03-12T02:30:50.767732 #12208-47368702367540] ERROR – : Unable to process post request to elasticsearch URL ‘http://localhost:9200/zammad_production_stats_store/_doc/3?pipeline=zammad307582291620’. Check the response and payload for detailed i$

Response:
#<UserAgent::Result:0x00005629c54fca00 @success=false, @body="{“error”:{“root_cause”:[{“type”:“illegal_argument_exception”,“reason”:“pipeline with id [zammad307582291620] does not exist”}],“type”:“illegal_argument_exception”,“reason”:

Payload:
{“id”=>3, “stats_store_object_id”=>1, “o_id”=>7, “key”=>“dashboard”, “related_stats_store_object_id”=>nil, “data”=>{“StatsTicketWaitingTime”=>{“handling_time”=>0, “average_per_agent”=>0, “state”=>“supergood”, “percent”=>0.0}, “StatsTicketEscalation”=>{$

Payload size: 0M
E, [2020-03-12T02:30:50.769670 #12208-47368702367540] ERROR – : Error performing SearchIndexJob (Job ID: 91555ede-ed40-4e3f-bc10-5e348b22fac7) from DelayedJob(default) in 27.95ms: RuntimeError (Unable to process post request to elasticsearch URL 'http$

Response:
#<UserAgent::Result:0x00005629c54fca00 @success=false, @body="{“error”:{“root_cause”:[{“type”:“illegal_argument_exception”,“reason”:“pipeline with id [zammad307582291620] does not exist”}],“type”:“illegal_argument_exception”,“reason”:

Payload:
{“id”=>3, “stats_store_object_id”=>1, “o_id”=>7, “key”=>“dashboard”, “related_stats_store_object_id”=>nil, “data”=>{“StatsTicketWaitingTime”=>{“handling_time”=>0, “average_per_agent”=>0, “state”=>“supergood”, “percent”=>0.0}, “StatsTicketEscalation”=>{$
```

Well, please provide your webserver vhost configuration if you followed the above linked thread.

Besides that, your Zammad obviously needs a friendly searchindex rebuild, as the below error states.

Hello! I could actually get in because I had a session open on another computer, so I changed "https" to "http" in the system, but then if I change it back to https and log off, I'm blocked again.


I do have two configuration files


Also, I know I'm having an error that I'm unable to solve too. Do I have to open a new issue for it, or can I ask here?
Thank you

Fresh Installed? Upgraded? Migrated?

Don't change to http in the system settings.

I also experienced the same problem. Try to run `zammad run rails db:migrate` and `zammad run rake searchindex:rebuild`.

Please provide the complete two configuration files. Your screenshots do not show the complete content.

GNU nano
/etc/nginx/sites-enabled/zammad.conf

```
# this is the nginx config for zammad

upstream zammad-railsserver {
    server 127.0.0.1:3000;
}

upstream zammad-websocket {
    server 127.0.0.1:6042;
}

server {
    listen 80;

    # replace 'localhost' with your fqdn if you want to use zammad from remote
    server_name www.intaj-help.net;

    # security - prevent information disclosure about server version
    server_tokens off;

    root /opt/zammad/public;

    access_log /var/log/nginx/zammad.access.log;
    error_log  /var/log/nginx/zammad.error.log;

    client_max_body_size 50M;

    location ~ ^/(assets/|robots.txt|humans.txt) {
        expires max;
    }
    location = /favicon.ico {
        access_log off; log_not_found off;
        alias /media/img.jpg;
    }

    location /ws {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header CLIENT_IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_read_timeout 86400;
        proxy_pass http://zammad-websocket;
    }

    location / {
        proxy_set_header Host $http_host;
        proxy_set_header CLIENT_IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_read_timeout 300;
        proxy_pass http://zammad-railsserver;

        gzip on;
        gzip_types text/plain text/xml text/css image/svg+xml application/javascript application/x-javascript application/json application/xml;

        gzip_proxied any;
    }
}
```


/opt/zammad/contrib/nginx/zammad.conf

```
# this is the nginx config for zammad

upstream zammad-railsserver {
    server 127.0.0.1:3000;
}

upstream zammad-websocket {
    server 127.0.0.1:6042;
}

server {
    listen 80;

    # replace 'localhost' with your fqdn if you want to use zammad from remote
    server_name localhost;

    # security - prevent information disclosure about server version
    server_tokens off;

    root /opt/zammad/public;

    access_log /var/log/nginx/zammad.access.log;
    error_log  /var/log/nginx/zammad.error.log;

    client_max_body_size 50M;

    location ~ ^/(assets/|robots.txt|humans.txt|favicon.ico) {
        expires max;
    }

    location /ws {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header CLIENT_IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_read_timeout 86400;
        proxy_pass http://zammad-websocket;
    }

    location / {
        proxy_set_header Host $http_host;
        proxy_set_header CLIENT_IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_read_timeout 300;
        proxy_pass http://zammad-railsserver;

        gzip on;
        gzip_types text/plain text/xml text/css image/svg+xml application/javascript application/x-javascript application/json application/xml;
        gzip_proxied any;
    }
}
```

It is freshly installed. I did run `zammad run rails db:migrate` and `zammad run rake searchindex:rebuild`, but nothing changed.
I had a session open on another computer so I could access it again, but I know this is not the right solution.
Also, my domain name doesn't have an SSL licence; could this be the problem?
Thank you for your reply!

If not SSL, change to:

`proxy_set_header X-Forwarded-Proto http;`

Change the two https to only http.
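
The mismatch addressed by the fix above can be checked mechanically. The following is an added example, not part of the thread and not Zammad's own tooling: it flags nginx `server` blocks whose hard-coded `X-Forwarded-Proto` value disagrees with their `listen` directives. The sample config and the host name `helpdesk.example` are constructed, and the parser assumes TLS is enabled through the `ssl` parameter on `listen`.

```python
import re

# Constructed sample (hypothetical host name): a plain-HTTP vhost shaped like the
# one posted in the thread, plus a TLS vhost for contrast.
SAMPLE = """\
upstream zammad-railsserver { server 127.0.0.1:3000; }
server {
    listen 80;
    server_name helpdesk.example;
    location /ws { proxy_set_header X-Forwarded-Proto https; }
    location /   { proxy_set_header X-Forwarded-Proto https; }
}
server {
    listen 443 ssl;
    server_name helpdesk.example;
    location / { proxy_set_header X-Forwarded-Proto $scheme; }
}
"""

def server_blocks(conf):
    """Yield the body of each `server { ... }` block, found by brace matching."""
    text = re.sub(r"#.*", "", conf)            # strip comments
    for m in re.finditer(r"^\s*server\s*\{", text, re.M):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield text[m.end():i - 1]

def audit(conf):
    """Return (server_name, hard-coded scheme, listen values) for every mismatch."""
    findings = []
    for body in server_blocks(conf):
        listens = [l.split() for l in re.findall(r"\blisten\s+([^;]+);", body)]
        has_plain = any("ssl" not in l for l in listens)
        has_tls = any("ssl" in l for l in listens)
        name = re.search(r"\bserver_name\s+([^;]+);", body)
        name = name.group(1).strip() if name else "(unnamed)"
        for scheme in re.findall(r"X-Forwarded-Proto\s+([^;\s]+)\s*;", body):
            # A literal scheme is wrong for any listener of the other kind;
            # nginx's $scheme variable follows the actual connection.
            if (scheme == "https" and has_plain) or (scheme == "http" and has_tls):
                findings.append((name, scheme, [" ".join(l) for l in listens]))
    return findings

if __name__ == "__main__":
    for name, scheme, listens in audit(SAMPLE):
        print(f"{name}: listen {listens} but X-Forwarded-Proto is hard-coded to {scheme}")
```

To audit a real vhost, pass the file's contents to `audit()`; an empty list means every hard-coded scheme matches its listeners.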
