Login returns 422 error

shanept · November 14, 2017, 4:31am

After recently upgrading GitLab to version 10.1.10, I am unable to login, being provided with “422 -The change you requested was rejected.”. So I upgraded to 10.1.13, hoping it was merely a bug, however I still am presented with the same issue.

I have spent a lot of time trawling google and the forum to find a reason as to why I may be having this issue, however the majority of what I’m finding seems to be related to an LDAP issue from 3 months ago, for which my version should be patched - although I do not have LDAP enabled anyway.

When I investigate in production.log, I am presented with the following:

Processing by SessionsController#create as HTML
  Parameters: {"utf8"=>"", "authenticity_token"=>"[FILTERED]", "user"=>{"login"=>"shanept", "password"=>"[FILTERED]", "remember_me"=>"0"}}
Can't verify CSRF token authenticity
Completed 422 Unprocessable Entity in 41ms (ActiveRecord: 4.2ms)

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken)
  lib/gitlab/middleware/multipart.rb:93:in 'call'
  lib/gitlab/request_profiler/middleware.rb:14:in 'call'
  lib/gitlab/middleware/go.rb:17:in 'call'
  lib/gitlab/etag_caching/middleware.rb:11:in 'call'
  lib/gitlab/middlware/read_only.rb:30:in 'call'
  lib/gitlab/request_context.rb:18:in 'call'
  lib/gitlab/metrics/requests_rack_middleware.rb:27:in 'call'

Env info:

System information
System:		
Current User:	git
Using RVM:	no
Ruby Version:	2.3.5p376
Gem Version:	2.6.13
Bundler Version:1.13.7
Rake Version:	12.1.0
Redis Version:	3.2.5
Git Version:	2.13.6
Sidekiq Version:5.0.4
Go Version:	unknown

GitLab information
Version:	10.1.3
Revision:	e6142bc
Directory:	/opt/gitlab/embedded/service/gitlab-rails
DB Adapter:	postgresql
URL:		http://gitsvr
HTTP Clone URL:	http://gitsvr/some-group/some-project.git
SSH Clone URL:	git@gitsvr:some-group/some-project.git
Using LDAP:	no
Using Omniauth:	no

GitLab Shell
Version:	5.9.3
Repository storage paths:
- default: 	/var/opt/gitlab/git-data/repositories
Hooks:		/opt/gitlab/embedded/service/gitlab-shell/hooks
Git:		/opt/gitlab/embedded/bin/git

I absolutely can not log in, and don’t believe there to be a way to roll back to an earlier version, as the only recent backups I have are from 10.1.10 and 10.1.13.

markglenfletcher · November 14, 2017, 9:39am

@shanept Can you share more information about your environment? Are you running with the bundled nginx server or have you configured an external web server?

Which version were you running prior to the 10.1.x upgrade?

shanept · November 14, 2017, 10:14am

I am using the inbuilt nginx, so there’s nothing proxyish going on if that’s your thought.

I’m not sure the exact version it was… 8 something. I’m thinking 8.13.x, off the top of my head

markglenfletcher · November 14, 2017, 10:47am

@shanept Can you try a GitLab check?

sudo gitlab-rake gitlab:check

shanept · November 14, 2017, 12:58pm

Yeah I’ve already looked there, no luck unfortunately.

Checking GitLab Shell ...

GitLab Shell version >= 5.9.3 ? ... OK (5.9.3)
Repo base directory exists?
default... yes
Repo storage directories are symlinks?
default... no
Repo paths owned by git:root, or git:git?
default... yes
Repo paths access is drwxrws---?
default... yes
hooks directories in repos are links: ... 
Shane Thompson / server-stats ... ok
Shane Thompson / switch-manager ... ok
Shane Thompson / perth-config-files ... ok
Shane Thompson / melbourne-config-files ... ok
framework / core ... ok
framework / http ... ok
framework / routing ... ok
framework / support ... ok
framework / middleware ... ok
framework / foundation ... ok
Shane Thompson / custom-startup-scripts ... ok
framework / view ... ok
framework / container ... ok
Shane Thompson / web-uploader ... ok
framework / pipeline ... ok
framework / translation ... ok
framework / contracts ... ok
framework / validation ... ok
Shane Thompson / maintenance-mode ... ok
global-ops / clock ... ok
framework / security ... ok
framework / cache ... ok
framework / event ... ok
Ben Varcoe / AeontechPasswords ... ok
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Check GitLab API access: OK
Redis available via internal API: OK

Access to /var/opt/gitlab/.ssh/authorized_keys: OK
gitlab-shell self-check successful

Checking GitLab Shell ... Finished

Checking Sidekiq ...

Running? ... yes
Number of Sidekiq processes ... 1

Checking Sidekiq ... Finished

Reply by email is disabled in config/gitlab.yml
Checking LDAP ...

LDAP is disabled in config/gitlab.yml

Checking LDAP ... Finished

Checking GitLab ...

Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
Projects have namespace: ... 
Shane Thompson / server-stats ... yes
Shane Thompson / switch-manager ... yes
Shane Thompson / perth-config-files ... yes
Shane Thompson / melbourne-config-files ... yes
framework / core ... yes
framework / http ... yes
framework / routing ... yes
framework / support ... yes
framework / middleware ... yes
framework / foundation ... yes
Shane Thompson / custom-startup-scripts ... yes
framework / view ... yes
framework / container ... yes
Shane Thompson / web-uploader ... yes
framework / pipeline ... yes
framework / translation ... yes
framework / contracts ... yes
framework / validation ... yes
Shane Thompson / maintenance-mode ... yes
global-ops / clock ... yes
framework / security ... yes
framework / cache ... yes
framework / event ... yes
Ben Varcoe / AeontechPasswords ... yes
Redis version >= 2.8.0? ... yes
Ruby version >= 2.3.3 ? ... yes (2.3.5)
Git version >= 2.7.3 ? ... yes (2.13.6)
Git user has default SSH configuration? ... yes
Active users: ... 3

Checking GitLab ... Finished

shanept · November 17, 2017, 2:35am

Shameless bump…

Anyone have any ideas as to what could be causing this? Any steps I can take to narrow down what it could be?

Thanks

shanept · November 20, 2017, 1:01am

I have figured it out.
It was a bad cookie… -_-

Thanks for your help Mark

fermulator · December 22, 2017, 5:19pm

I have reported the same issue here: https://gitlab.com/gitlab-org/gitlab-ce/issues/40898

You noted “it was a bad cookie” – this is client side only problem? – I’m having the same issue but from multiple web browsers, tested even from multiple systems … it couldn’t be a bad cookie.

HanSon · March 8, 2018, 1:35pm

Thx! Great help! I have the same situation

juubaa · July 8, 2018, 6:06am

Yes, clear cookies for your gitlab site!

dehim · May 16, 2019, 5:16am

thank you for your help.

Topic		Replies	Views
422 The change you requested was rejected How to Use GitLab	1	8486	January 22, 2019
Latest update broke my auth How to Use GitLab	2	1564	July 23, 2017
422 Error on login to Gitlab Infrastructure as Code & Cloud Native	1	1242	April 2, 2024
Cant login gitlab.com anymore, get 422 error How to Use GitLab login	3	626	July 11, 2023
Cannot login to gitlab.com: 422 error How to Use GitLab	0	561	April 1, 2020

Login returns 422 error

Related topics