David Zhang
David Zhang7mo ago

Default login not working on first login

I set up a new Windmill instance using the docker-compose setup and upon first login using the default login credentials /user/login?email=admin@windmill.dev&password=changeme it throws Invalid credentials I have tried recreating the database
drop database windmill;
create database windmill;
drop database windmill;
create database windmill;
But still get the same error upon first login Any ideas on what I might have done wrong or how to debug?
3 Replies
David Zhang
David Zhang7mo ago
I can see that the migrations were run successfully in the logs
windmill_worker-1 | 2024-04-04T07:29:58.461990Z INFO windmill_api::db: Finished applying migration 20240403083110
windmill_worker-1 | 2024-04-04T07:29:58.461990Z INFO windmill_api::db: Finished applying migration 20240403083110
Checked the password table
windmill=*> select * from password;
-[ RECORD 1 ]---+-------------------------------------------------------------------------------------------------
email | admin@windmill.dev
password_hash | $argon2id$v=19$m=4096,t=3,p=1$oLJo/lPn/gezXCuFOEyaNw$i0T2tCkw3xUFsrBIKZwr8jVNHlIfoxQe+HfDnLtd12I
login_type | password
super_admin | t
verified | t
name | Admin
company | Windmill
first_time_user | t
username | admin
windmill=*> select * from password;
-[ RECORD 1 ]---+-------------------------------------------------------------------------------------------------
email | admin@windmill.dev
password_hash | $argon2id$v=19$m=4096,t=3,p=1$oLJo/lPn/gezXCuFOEyaNw$i0T2tCkw3xUFsrBIKZwr8jVNHlIfoxQe+HfDnLtd12I
login_type | password
super_admin | t
verified | t
name | Admin
company | Windmill
first_time_user | t
username | admin
Interesting, login fails when hitting Cloudfront with HTTPS, but succeeds when hitting EC2 directly without HTTPS Not sure which Cloudfront setting conflicts with login
David Zhang
David Zhang7mo ago
More weird behavior, after setting up a new user I cannot login with the user The /users endpoint throws 401 This behavior is different than when I enter an incorrect password, where /login throws 400 and Bad request: Invalid login
No description
David Zhang
David Zhang7mo ago
Ok figured it out, Cloudfront was not passing the auth headers to the Origin, fixed by setting to AllViewer
No description