[GH-ISSUE #194] Asking for workspace password. #119

Closed
opened 2026-02-22 18:18:00 -05:00 by yindo · 11 comments
Owner

Originally created by @crippledfaith on GitHub (Aug 15, 2023).
Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/194

image

I did not find anything. in the documentation about any password.

"/request-token" expects a username but it is sending
http://localhost:3001/api/request-token in body {password: ""}

Originally created by @crippledfaith on GitHub (Aug 15, 2023). Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/194 ![image](https://github.com/Mintplex-Labs/anything-llm/assets/7411687/d6afc24d-1479-4654-a1f2-e67f948c032a) I did not find anything. in the documentation about any password. "/request-token" expects a username but it is sending http://localhost:3001/api/request-token in body {password: ""}
yindo closed this issue 2026-02-22 18:18:00 -05:00
Author
Owner

@TychoML commented on GitHub (Aug 16, 2023):

The docker folder contains an example.env file, serving as a template for your own .env file. It explains how the password can be set here: "# AUTH_TOKEN="hunter2" # This is the password to your application if remote hosting."

@TychoML commented on GitHub (Aug 16, 2023): The docker folder contains an example.env file, serving as a template for your own .env file. It explains how the password can be set here: "# AUTH_TOKEN="hunter2" # This is the password to your application if remote hosting."
Author
Owner

@crippledfaith commented on GitHub (Aug 16, 2023):

Hi
I did try that password.
The form submit button send a request to http://localhost:3001/api/request-token in the body the password is only provided,
in the server /request-token

const { username, password } = reqBody(request);
const existingUser = await User.get(`username = '${username}'`);

so the query will 'SELECT * FROM users WHERE username = '${username}'
but the username is nan.

also, I have checked the SQLite database file inside the docker and there was no users table. Did I miss any steps?

@crippledfaith commented on GitHub (Aug 16, 2023): Hi I did try that password. The form submit button send a request to http://localhost:3001/api/request-token in the body the password is only provided, in the server /request-token ``` const { username, password } = reqBody(request); const existingUser = await User.get(`username = '${username}'`); ``` so the query will ` 'SELECT * FROM users WHERE username = '${username}' ` but the username is nan. also, I have checked the SQLite database file inside the docker and there was no `users` table. Did I miss any steps?
Author
Owner

@TychoML commented on GitHub (Aug 16, 2023):

@timothycarambat Do you have any insights into the issue of @crippledfaith? Personally I have not experienced this.

@TychoML commented on GitHub (Aug 16, 2023): @timothycarambat Do you have any insights into the issue of @crippledfaith? Personally I have not experienced this.
Author
Owner

@crippledfaith commented on GitHub (Aug 16, 2023):

Docker message

SELECT * FROM system_settings WHERE label = 'multi_user_mode'
2023-08-16 22:09:39 Cannot create JWT as JWT_SECRET is unset. Error: Cannot create JWT as JWT_SECRET is unset.
2023-08-16 22:09:39     at makeJWT (/app/server/utils/http/index.js:19:11)
2023-08-16 22:09:39     at /app/server/endpoints/system.js:202:18

@crippledfaith commented on GitHub (Aug 16, 2023): Docker message ``` SELECT * FROM system_settings WHERE label = 'multi_user_mode' 2023-08-16 22:09:39 Cannot create JWT as JWT_SECRET is unset. Error: Cannot create JWT as JWT_SECRET is unset. 2023-08-16 22:09:39 at makeJWT (/app/server/utils/http/index.js:19:11) 2023-08-16 22:09:39 at /app/server/endpoints/system.js:202:18 ```
Author
Owner

@TychoML commented on GitHub (Aug 16, 2023):

JWT_SECRET can be set in the .env file in the docker folder too, if that is the issue you are having (more context to the question is better)

@TychoML commented on GitHub (Aug 16, 2023): JWT_SECRET can be set in the .env file in the docker folder too, if that is the issue you are having (more context to the question is better)
Author
Owner

@crippledfaith commented on GitHub (Aug 16, 2023):

This is my .env file am I missing something?

SERVER_PORT=3001
CACHE_VECTORS="true"
# JWT_SECRET="my-random-string-for-seeding" # Only needed if AUTH_TOKEN is set. Please generate random string at least 12 chars long.

###########################################
######## LLM API SElECTION ################
###########################################
LLM_PROVIDER='openai'
OPEN_AI_KEY='{MyKey}'
OPEN_MODEL_PREF='gpt-3.5-turbo'

# LLM_PROVIDER='azure'
# AZURE_OPENAI_ENDPOINT=
# AZURE_OPENAI_KEY=
# OPEN_MODEL_PREF='my-gpt35-deployment' # This is the "deployment" on Azure you want to use. Not the base model.
# EMBEDDING_MODEL_PREF='embedder-model' # This is the "deployment" on Azure you want to use for embeddings. Not the base model. Valid base model is text-embedding-ada-002


###########################################
######## Vector Database Selection ########
###########################################
# Enable all below if you are using vector database: Chroma.
# VECTOR_DB="chroma"
# CHROMA_ENDPOINT='http://localhost:8000'

# Enable all below if you are using vector database: Pinecone.
VECTOR_DB="pinecone"
PINECONE_ENVIRONMENT='gcp-starter'
PINECONE_API_KEY='{MyKey}'
PINECONE_INDEX='dd'

# Enable all below if you are using vector database: LanceDB.
# VECTOR_DB="lancedb"

# Enable all below if you are using vector database: Weaviate.
# VECTOR_DB="weaviate"
# WEAVIATE_ENDPOINT="http://localhost:8080"
# WEAVIATE_API_KEY=

#CLOUD DEPLOYMENT VARIRABLES ONLY
AUTH_TOKEN="hunter2" # This is the password to your application if remote hosting.
NO_DEBUG="true"
STORAGE_DIR="./server/storage"
GOOGLE_APIS_KEY=
UID='1000'
GID='1000'
# DISABLE_TELEMETRY="true"
@crippledfaith commented on GitHub (Aug 16, 2023): This is my .env file am I missing something? ``` SERVER_PORT=3001 CACHE_VECTORS="true" # JWT_SECRET="my-random-string-for-seeding" # Only needed if AUTH_TOKEN is set. Please generate random string at least 12 chars long. ########################################### ######## LLM API SElECTION ################ ########################################### LLM_PROVIDER='openai' OPEN_AI_KEY='{MyKey}' OPEN_MODEL_PREF='gpt-3.5-turbo' # LLM_PROVIDER='azure' # AZURE_OPENAI_ENDPOINT= # AZURE_OPENAI_KEY= # OPEN_MODEL_PREF='my-gpt35-deployment' # This is the "deployment" on Azure you want to use. Not the base model. # EMBEDDING_MODEL_PREF='embedder-model' # This is the "deployment" on Azure you want to use for embeddings. Not the base model. Valid base model is text-embedding-ada-002 ########################################### ######## Vector Database Selection ######## ########################################### # Enable all below if you are using vector database: Chroma. # VECTOR_DB="chroma" # CHROMA_ENDPOINT='http://localhost:8000' # Enable all below if you are using vector database: Pinecone. VECTOR_DB="pinecone" PINECONE_ENVIRONMENT='gcp-starter' PINECONE_API_KEY='{MyKey}' PINECONE_INDEX='dd' # Enable all below if you are using vector database: LanceDB. # VECTOR_DB="lancedb" # Enable all below if you are using vector database: Weaviate. # VECTOR_DB="weaviate" # WEAVIATE_ENDPOINT="http://localhost:8080" # WEAVIATE_API_KEY= #CLOUD DEPLOYMENT VARIRABLES ONLY AUTH_TOKEN="hunter2" # This is the password to your application if remote hosting. NO_DEBUG="true" STORAGE_DIR="./server/storage" GOOGLE_APIS_KEY= UID='1000' GID='1000' # DISABLE_TELEMETRY="true" ```
Author
Owner

@crippledfaith commented on GitHub (Aug 16, 2023):

Resolve the issue by commenting out AUTH_TOKEN="hunter2" # This is the password to your application if remote hosting.

Thanks

@crippledfaith commented on GitHub (Aug 16, 2023): Resolve the issue by commenting out `AUTH_TOKEN="hunter2" # This is the password to your application if remote hosting.` Thanks
Author
Owner

@TychoML commented on GitHub (Aug 16, 2023):

yes, as explained here: " JWT_SECRET="my-random-string-for-seeding" # Only needed if AUTH_TOKEN is set".

So, as you are using AUTH_TOKEN, you need to set JWT_SECRET. So:

JWT_SECRET="YOURRANDOMSTRINGOF12CHARACTERSMINIMUM"

@TychoML commented on GitHub (Aug 16, 2023): yes, as explained here: " JWT_SECRET="my-random-string-for-seeding" # Only needed if AUTH_TOKEN is set". So, as you are using AUTH_TOKEN, you need to set JWT_SECRET. So: JWT_SECRET="YOURRANDOMSTRINGOF12CHARACTERSMINIMUM"
Author
Owner

@TychoML commented on GitHub (Aug 16, 2023):

Yes, either both use them, or both not. If not a local instance, better set that password :-)

@TychoML commented on GitHub (Aug 16, 2023): Yes, either both use them, or both not. If not a local instance, better set that password :-)
Author
Owner

@TychoML commented on GitHub (Aug 16, 2023):

@crippledfaith Best to close the issue since it has been resolved.

@TychoML commented on GitHub (Aug 16, 2023): @crippledfaith Best to close the issue since it has been resolved.
Author
Owner

@timothycarambat commented on GitHub (Aug 16, 2023):

Thank you @TychoML for helping out with this 🙏

@timothycarambat commented on GitHub (Aug 16, 2023): Thank you @TychoML for helping out with this 🙏
yindo changed title from Asking for workspace password. to [GH-ISSUE #194] Asking for workspace password. 2026-06-05 14:33:35 -04:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Mintplex-Labs/anything-llm#119