CSRF Verification Failed

1,648 views
Skip to first unread message

Kristian Sebastian

unread,
May 26, 2015, 11:49:25 PM5/26/15
to gets...@googlegroups.com
I seem to be getting a "CSRF Verification Failed - A required security token was not found or was invalid." when attempting to create an account after a fresh installation of sentry. I'm using Sentry 7.5. Here's my config:

from sentry.conf.server import *

import os.path

CONF_ROOT = os.path.dirname(__file__)

DATABASES = {
    'default': {
        # You can swap out the engine for MySQL easily by changing this value
        # to ``django.db.backends.mysql`` or to PostgreSQL with
        # ``sentry.db.postgres``

        # If you change this, you'll also need to install the appropriate python
        # package: psycopg2 (Postgres) or mysql-python
        'ENGINE': 'sentry.db.postgres',

        'NAME': 'sentry',
        'USER': 'sentry',
        'PASSWORD': '',
        'HOST': '',
        'PORT': '',
    }
}

SENTRY_SINGLE_ORGANIZATION = True
SENTRY_REDIS_OPTIONS = {
    'hosts': {
        0: {
            'host': '127.0.0.1',
            'port': 6379,
        }
    }
}
SENTRY_CACHE = 'sentry.cache.redis.RedisCache'
CELERY_ALWAYS_EAGER = False
BROKER_URL = 'redis://localhost:6379'
SENTRY_RATELIMITER = 'sentry.ratelimits.redis.RedisRateLimiter'
SENTRY_BUFFER = 'sentry.buffer.redis.RedisBuffer'
SENTRY_QUOTAS = 'sentry.quotas.redis.RedisQuota'
SENTRY_TSDB = 'sentry.tsdb.redis.RedisTSDB'

SENTRY_FILESTORE = 'django.core.files.storage.FileSystemStorage'
SENTRY_FILESTORE_OPTIONS = {
    'location': '/tmp/sentry-files',
}
SENTRY_URL_PREFIX = 'http://XXX.XXX.XXX.XXX:9000'
 
SENTRY_WEB_HOST = '0.0.0.0'
SENTRY_WEB_PORT = 9000
SENTRY_WEB_OPTIONS = {
     'workers': 3,  # the number of gunicorn workers
     'secure_scheme_headers': {'X-FORWARDED-PROTO': 'https'},
}
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'

EMAIL_HOST = 'localhost'
EMAIL_HOST_PASSWORD = ''
EMAIL_HOST_USER = ''
EMAIL_PORT = 25
EMAIL_USE_TLS = False
SERVER_EMAIL = 'root@localhost'
MAILGUN_API_KEY = ''
SECRET_KEY = 'XXXX...'

Kristian Sebastian

unread,
May 27, 2015, 12:17:01 AM5/27/15
to gets...@googlegroups.com
Forgot to mention, I'm on Ubuntu 14.04 x64 LTS.

David Cramer

unread,
May 27, 2015, 12:37:53 AM5/27/15
to gets...@googlegroups.com, gets...@googlegroups.com
Something is preventing the cookie from being set/passed by the user.



--
You received this message because you are subscribed to the Google Groups "sentry" group.
To unsubscribe from this group and stop receiving emails from it, send an email to getsentry+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Kristian Sebastian

unread,
May 27, 2015, 12:59:13 AM5/27/15
to gets...@googlegroups.com
Thanks! Once I allowed cookies on the browser though, Firefox throws me "The Page isn't redirecting properly; Firefox has detected that the server is redirecting the request for this address in a way that will never complete."

David Cramer

unread,
May 27, 2015, 12:59:50 AM5/27/15
to gets...@googlegroups.com, gets...@googlegroups.com
Sounds like your URL setting/reverse proxy are not correct



On Wed, May 27, 2015 at 6:59 AM, Kristian Sebastian <crispy....@gmail.com> wrote:

Thanks! Once I allowed cookies on the browser though, Firefox throws me "The Page isn't redirecting properly; Firefox has detected that the server is redirecting the request for this address in a way that will never complete."

--

Kristian Sebastian

unread,
May 27, 2015, 1:05:41 AM5/27/15
to gets...@googlegroups.com
Weird... I haven't configured the nginx reverse proxy yet... I'm connecting directly via port 9000

David Cramer

unread,
May 27, 2015, 1:06:37 AM5/27/15
to gets...@googlegroups.com, gets...@googlegroups.com
Is it possible this is an issue with you not having access to do anything, and no access to an organization?

Kristian Sebastian

unread,
May 27, 2015, 1:16:06 AM5/27/15
to gets...@googlegroups.com
Not that I'm aware of. How would I find out? I was able to successfully install sentry with the quickstart guide before, but it was sentry 7.4.3. I've been installing it on an ubuntu 14.04 digital ocean droplet.

David Cramer

unread,
May 27, 2015, 1:17:22 AM5/27/15
to gets...@googlegroups.com, gets...@googlegroups.com
I assume your user was made as a superuser? There might be a redirect loop in a less seen workflow where you don’t have permission to create organizations and you are not a member of an organization.

Kristian Sebastian

unread,
May 27, 2015, 1:28:26 AM5/27/15
to gets...@googlegroups.com
Yes, the user on the droplet was made as a superuser prior to installing.

David Cramer

unread,
May 27, 2015, 1:32:01 AM5/27/15
to gets...@googlegroups.com, gets...@googlegroups.com
If SENTRY_SINGLE_ORGANIZATION is True, and the user that was made was not made as a member of the organization, this could happen.

Kristian Sebastian

unread,
May 27, 2015, 1:46:05 AM5/27/15
to gets...@googlegroups.com
I changed the value to False, and it worked! It took me to the create a New Organization page. I'm not sure I understand, though... I didn't create any organizations as this was a new installation at a different droplet...

Regardless, thank you!

David Cramer

unread,
May 27, 2015, 2:04:56 AM5/27/15
to gets...@googlegroups.com, gets...@googlegroups.com
Looks like this was a bug on our end as we were no longer calling ‘sentry createuser’ as part of the default flow. This will be fixed in 7.5.1.



On Wed, May 27, 2015 at 7:46 AM, Kristian Sebastian <crispy....@gmail.com> wrote:

I changed the value to False, and it worked! It took me to the create a New Organization page. I'm not sure I understand, though... I didn't create any organizations as this was a new installation at a different droplet...

Regardless, thank you!

--
Reply all
Reply to author
Forward
0 new messages