Local Build of Speckle-Server 2.24.2 auth.js issues

Speckle Help Hosting Speckle
,
1

Sorry for the long post ahead, I’ve been trying to work around this issue for a while now, and I’m sharing the current issue with as much information to hopefully get it fixed.

  • Objective: Lauch the server locally and start experimenting with frontend-2 feature additions. I’m currently stuck at the very first step, which is creating, authenticating, and signing into an account.

  • Build/launch:

I’m currently following these steps to build and launch this repo:

  1. cd speckle-server
  2. corepack enable
  3. yarn
  4. yarn build
  5. yarn dev:docker:up
  6. cp packages/server/.env.example packages/server/.env
  7. cp packages/server/.env.test-example packages/server/.env.test
  8. cp packages/frontend-2/.env.example packages/frontend-2/.env
  9. cp packages/dui3/.env.example packages/dui3/.env #(NOTE THIS DOESN’T WORK in 2.24.2 the .env.example is not created in dui3)
  10. yarn dev"
  • Issue: I suspect the main issue here stems from the authentication process. However there are three main issues I’m having here:

  1. Main problem: Upon going through the signup process there is a popup UI that states “Registration failed: Failed to fetch,” and in network console the request fails as CORS Error

    • Network TAB:
    • The network Request looks like:
fetch("http://127.0.0.1:3000/auth/local/register?challenge=pk3vssdahc", {
  "headers": {
    "accept": "*/*",
    "accept-language": "en-US,en;q=0.9",
    "content-type": "application/json",
    "sec-ch-ua": "\"Not A(Brand\";v=\"8\", \"Chromium\";v=\"132\", \"Google Chrome\";v=\"132\"",
    "sec-ch-ua-mobile": "?0",
    "sec-ch-ua-platform": "\"Windows\"",
    "sec-fetch-dest": "empty",
    "sec-fetch-mode": "cors",
    "sec-fetch-site": "cross-site",
    "Referer": "http://localhost:8081/",
    "Referrer-Policy": "strict-origin-when-cross-origin"
  },
  "body": "{\"email\":\"test@test5.com\",\"name\":\"testy\",\"password\":\"Password123\"}",
  "method": "POST"
});
  • Follow the request above CORS Error request looks like:
fetch("http://127.0.0.1:8081/?access_code=319163c9f255ab82742bee71540c04c4a1862d9bfb&register=true", {
  "headers": {
    "Referer": "http://localhost:8081/",
    "Referrer-Policy": "strict-origin-when-cross-origin"
  },
  "body": null,
  "method": "GET"
});

Note: this process generates a MailDev authentication email at “http://localhost:1080/” for the signup request.

Looking at the progress user database in the container, it looks like:

*Command: docker exec web-app-postgres-1 psql -U speckle -d speckle -c "SELECT id, email, name, verified FROM users;"

     id     |          email          |  name   | verified
------------+-------------------------+---------+----------
 0123456789 | speckle@speckle.systems | speckle | t
 05af658709 | test@test2.com          | testy   | f
 496e18e488 | test@test5.com          | testy   | f
  1. Authentication problem:
    As a sanity check, I manually set the verified field in this database to true for all users:
     id     |          email          |  name   | verified
------------+-------------------------+---------+----------
 0123456789 | speckle@speckle.systems | speckle | t
 05af658709 | test@test2.com          | testy   | t
 496e18e488 | test@test5.com          | testy   | t

Now, when attempting to log in I get the following errors in the Networking tab:

Log in Request:


fetch("http://127.0.0.1:3000/auth/local/login?challenge=pk3vssdahc", {
  "headers": {
    "accept": "*/*",
    "accept-language": "en-US,en;q=0.9",
    "content-type": "application/json",
    "sec-ch-ua": "\"Not A(Brand\";v=\"8\", \"Chromium\";v=\"132\", \"Google Chrome\";v=\"132\"",
    "sec-ch-ua-mobile": "?0",
    "sec-ch-ua-platform": "\"Windows\"",
    "sec-fetch-dest": "empty",
    "sec-fetch-mode": "cors",
    "sec-fetch-site": "cross-site",
    "Referer": "http://localhost:8081/",
    "Referrer-Policy": "strict-origin-when-cross-origin"
  },
  "body": "{\"email\":\"test@test5.com\",\"password\":\"Password123\"}",
  "method": "POST"
});

RESPONSE Header for login requst:

HTTP/1.1 302 Found
x-request-id: da3047aa-326f-4994-9cc8-604b4bd57f03
Access-Control-Allow-Origin: *
X-RateLimit-Remaining: 1
Content-Security-Policy: frame-ancestors 'none'
Location: http://127.0.0.1:8081/?access_code=c6f61d83591c82f838d580165a5cec78218798c143
Vary: Accept
Content-Type: text/plain; charset=utf-8
Content-Length: 99
Date: Tue, 27 May 2025 20:28:27 GMT
Connection: keep-alive
Keep-Alive: timeout=61

Followed by CORS Error:

fetch("http://127.0.0.1:8081/?access_code=88c799cb6e2ef3caed9c1bc7ceb0baf487b105c89c", {
  "headers": {
    "Referer": "http://localhost:8081/",
    "Referrer-Policy": "strict-origin-when-cross-origin"
  },
  "body": null,
  "method": "GET"
});
  1. Minor Problem: http://localhost:3000/authn/register seems to have a problem where pressing sign up triggers nothing. The button seems like its grayed out blue and status never changes. http://localhost:8081/authn/register, on the other hand, works without generating any issues.

Follow-up Question:

Do you guys use local builds to develop new speckle-server versions? If so is there anything different about the build process I am missing? Also if use an alternetive approch to developing new features do you mind sharing that?

In case it’s relevant Build info:

I’m running Windows 11 with WSL2 on the Ubuntu 22.04 image. Both Docker and Docker Compose are installed in the Ubuntu environment, regardless of whether it is used on Windows. I’ve installed Mise and have installed Node.js v22.14.0 to use here.

Docker containers are running with no errors:

CONTAINER ID   IMAGE                            COMMAND                  CREATED       STATUS                 PORTS                                                                                                                                   NAMES
c0ef0279d6a5   redislabs/redisinsight:latest    "./docker-entry.sh n…"   3 hours ago   Up 3 hours             5540/tcp, 127.0.0.1:8001->8001/tcp                                                                                                      web-app-redis_insight-1
8346dfeff890   quay.io/keycloak/keycloak:25.0   "/opt/keycloak/bin/k…"   3 hours ago   Up 3 hours             0.0.0.0:8443->8443/tcp, [::]:8443->8443/tcp, 0.0.0.0:8090->8080/tcp, [::]:8090->8080/tcp, 0.0.0.0:9010->9000/tcp, [::]:9010->9000/tcp   web-app-keycloak-1
ba1d1b6be295   dpage/pgadmin4                   "/entrypoint.sh"         3 hours ago   Up 3 hours             443/tcp, 127.0.0.1:16543->80/tcp                                                                                                        web-app-pgadmin-1
f71c6835cf0e   minio/minio                      "/usr/bin/docker-ent…"   3 hours ago   Up 3 hours             127.0.0.1:9000-9001->9000-9001/tcp                                                                                                      web-app-minio-1
80ba0d9d3f39   redis:7-alpine                   "docker-entrypoint.s…"   3 hours ago   Up 3 hours             127.0.0.1:6379->6379/tcp                                                                                                                web-app-redis-1
2c3db2431834   web-app-postgres                 "docker-entrypoint.s…"   3 hours ago   Up 3 hours             127.0.0.1:5432->5432/tcp                                                                                                                web-app-postgres-1
2b6c9bfb34ec   maildev/maildev                  "bin/maildev"            3 hours ago   Up 3 hours (healthy)   127.0.0.1:1025->1025/tcp, 127.0.0.1:1080->1080/tcp                                                                                      web-app-maildev-1
c9c35bc8ba19   web-app-postgres-region2         "docker-entrypoint.s…"   3 hours ago   Up 3 hours             127.0.0.1:5402->5432/tcp                                                                                                                web-app-postgres-region2-1
b28a7f934802   minio/minio                      "/usr/bin/docker-ent…"   3 hours ago   Up 3 hours             127.0.0.1:9040->9000/tcp, 127.0.0.1:9041->9001/tcp                                                                                      web-app-minio-region2-1
8ea88776d644   minio/minio                      "/usr/bin/docker-ent…"   3 hours ago   Up 3 hours             127.0.0.1:9020->9000/tcp, 127.0.0.1:9021->9001/tcp                                                                                      web-app-minio-region1-1
10415270e9bf   web-app-postgres-region1         "docker-entrypoint.s…"   3 hours ago   Up 3 hours             127.0.0.1:5401->5432/tcp                                                                                                                web-app-postgres-region1-1
2

Hi @Leul_Tesfaye

We use the same process to develop speckle-server; there’s no additional secret steps.

I’ve run through the above steps on my machine (Macbook) this morning and have been unable to recreate your issues. I will investigate if we can recreate it on WSL2.

I’ve now fixed up the documentation to remove the reference to DUI3, thanks for noticing & reporting this.

Iain

1 Like
3

Hey @Leul_Tesfaye

You should be accessing the web UI through port :8081 not :3000, so that explains why something might not work if accessing through :3000.

Other than that it would be nice to see some more relevant context about the issues you’re experiencing. You’ve shared the requests themselves, which is good, but it would be more useful to see screenshots of the responses in dev tools network tab and the actual full errors you see in the browser console.

Maybe a screen recording even?

1 Like
4

Hey @fabians,

Thanks for the follow-up!

I’ve recorded a screen capture of the entire sign-up process and the error I’m encountering. You can view the video Screen Capture Here

Additional Notes:

  • When using http://localhost:3000, the app has some loading issues, which are visible at the beginning of the recording.
  • Switching to http://127.0.0.1:3000 allows me to click the sign-up and log-in buttons, but the same CORS-related network request errors still appear.

In case the hyperlink doesn’t work, here’s the raw URL:

Let me know if you need anything else!

5

Hi @Leul_Tesfaye

Thanks for providing the screen capture, it’s very helpful. From the screen capture I can see the server is serving at http://127.0.0.1:3000 and frontend at http://127.0.0.1:8081.

Please open your browser at http://127.0.0.1:8081 and follow the registration process from there.

The frontend presented at http://127.0.0.1:3000 is actually a proxy of http://127.0.0.1:8081 and the proxy will be subject to CORS issues. I’ve since created a PR to make the instructions clearer in our README: docs(README): frontend dev instructions by iainsproat · Pull Request #4838 · specklesystems/speckle-server · GitHub

Iain

6

Hey @iainsproat

Thanks for the follow-up. Launching the front end using [http://127.0.0.1:3000] or the proxy at http://127.0.0.1:8081 doesn’t seem to make a difference in resolving the problem I’m having. Here is a video of me trying the sign up with 8081 front end port.

I’m not sure what’s different about the CORS authentication, but it seems that any redirect request from localhost is being blocked during the signup and login process. I’m unsure what about WSL2 or the current configuration is causing this issue.

For additional context, before this, I was working with the 2.23.11 release, and launching the same Ubuntu WSL2 configuration with Node 18 didn’t cause an issue. However, with the current release targeting Node 22, I have been unable to log in or sign up locally successfully.

Video URL: https://drive.google.com/file/d/1UMp45heGq10JpsoynuoIGpBFXnQEw_eT/view?usp=sharing

7

It seems like this issue might specific to WSL2. I just tried the build process on a mac and it seems to be working fine. Please let me know if you guys are able to replicate this on Windows or if this is potentially a system specific issue I’m having.

1 Like
8

@Leul_Tesfaye

I work off WSL2 and am unable to replicate this, but I’m curious about what the issue could be.

The actual CORS error stems from the fact that the OPTIONS preflight request that browsers fire when requesting URLs w/ CORS enabled is getting sent back a redirect status code. This is unsupported, because the only purpose of the OPTIONS request is to get CORS configuration info back from the server in the form of response headers.

But that is not happening on my end and shouldn’t be happening on your end either.

Thanks for the video and for checking all tabs in there, but could you rerecord it again and this time also inspect the OPTIONS requests, their responses and headers?

To see which are OPTIONS requests you need to enable the “Method” column in the network tab, and to see the actual requests themselves you also need to turn off the “Fetch/XHR” filter, because the OPTIONS request is technically not a fetch call.

image
image1330×211 16.4 KB

1 Like
9

Hey @fabians ,

I just went ahead and did recording with of the sign up process agian. I have the option redirect error shown as well. Heres that video.

On a side note, I was able to successfully create an account & sign in once on Microsoft Edge this morning when I first launched the web-app on my WSL2; however, when I tried relaunching the web-app, the same authentication issue started happening again on Edge & Chrome.

Recording URL: https://drive.google.com/file/d/1VmASZd3NB6p1UtcwvzcvlGEtoQNruHgX/view?usp=sharing

10

@Leul_Tesfaye

One issue I noticed is that you’re visiting the app on localhost, while some of the Fetch requests go to 127.0.0.1. I think this may already count as a different origin for CORS, so please make sure that all of your env vars for both the server, frontend and everything else are configured to use 127.0.0.1, and also make sure you visit 127.0.0.1 in the browser, not localhost. Double check that this is in fact the case.

This will also resolve the slow load speed I’m seeing in your video - this slowness is something I’ve noticed on WSL2 in the past when using localhost instead of 127.0.0.1

After that’s done, I would like to see a recording, but this time make sure you show all of the fetch requests and their OPTIONS requests, not just the last failing one, and show the Headers & Response preview tabs.

So requests for both these urls:
/auth/local/login?challenge=
/?access_code=

While you do that, I am gonna investigate this promising lead:

image
image812×604 65.1 KB

It’s unexpected that it redirects you to /projects (even outside of the fact that there’s a redirect in OPTIONS)

1 Like
11

@Leul_Tesfaye

Good news, I was able to replicate and fix the OPTIONS redirect issue. It changes the way CORS works on our end so i’m hesitant to merge it today, but you’re welcome to try this branch out yourself: fix(fe2): cors OPTIONS reqs sometimes returning redirects by fabis94 · Pull Request #4860 · specklesystems/speckle-server

1 Like
12

Hey @fabians ,

Thanks for the prompt response and for looking into this fix. I’ll test it out first thing Monday and get back to you on the results on my system.

In terms of the future roadmap, would this fix be something that will be merged into future releases?

13

We try to avoid Friday releases on mainline repositories, even if they seem to fix things.

14

The fix has been merged into main

1 Like
15

Hey @fabians @jonathon ,

Thanks so much for your help. I just double-checked the fix, and it’s working on my system now!

1 Like