[BUG] Basic Authentication is enabled, but username or password is not set or empty!

Question

[BUG] Basic Authentication is enabled, but username or password is not set or empty!

libid0nes opened this issue 4 months ago · comments

libid0nes commented 4 months ago

Environment

🪟 Windows

System

Windows 11 Pro 23H2 22631.3447

Version

SillyTavern 1.11.8 'release' (47b6562)

Desktop Information

node v20.11.1

Describe the problem

I have this config.yaml:

# -- NETWORK CONFIGURATION --
# Listen for incoming connections
listen: true
# Server port
port: 8000
# Toggle whitelist mode
whitelistMode: true
# Whitelist of allowed IP addresses
whitelist:
  - 127.0.0.1
  - 192.168.*.*
# Toggle basic authentication for endpoints
basicAuthMode: true
# Basic authentication credentials
basicAuthUser:
  - username: "test"
  - password: "test1234"
# Enables CORS proxy middleware
enableCorsProxy: false
# Disable security checks - NOT RECOMMENDED
securityOverride: false
# -- ADVANCED CONFIGURATION --
# Open the browser automatically
autorun: true
# Disable thumbnail generation
disableThumbnails: false
# Thumbnail quality (0-100)
thumbnailsQuality: 95
# Generate avatar thumbnails as PNG instead of JPG (preserves transparency but increases filesize by about 100%)
#  Changing this only affects new thumbnails. To recreate the old ones, clear out your ST/thumbnails/ folder.
avatarThumbnailsPng: false
# Allow secret keys exposure via API
allowKeysExposure: false
# Skip new default content checks
skipContentCheck: false
# Disable automatic chats backup
disableChatBackup: false
# API request overrides (for KoboldAI and Text Completion APIs)
## Format is an array of objects:
## - hosts:
##   - example.com
##   headers:
##     Content-Type: application/json
requestOverrides: []
# -- PLUGIN CONFIGURATION --
# Enable UI extensions
enableExtensions: true
# Extension settings
extras:
  # Disables automatic model download from HuggingFace
  disableAutoDownload: false
  # Extra models for plugins. Expects model IDs from HuggingFace model hub in ONNX format
  classificationModel: Cohee/distilbert-base-uncased-go-emotions-onnx
  captioningModel: Xenova/vit-gpt2-image-captioning
  embeddingModel: Cohee/jina-embeddings-v2-base-en
  promptExpansionModel: Cohee/fooocus_expansion-onnx
  speechToTextModel: Xenova/whisper-small
  textToSpeechModel: Xenova/speecht5_tts
# -- OPENAI CONFIGURATION --
openai:
  # Will send a random user ID to OpenAI completion API
  randomizeUserId: false
  # If not empty, will add this as a system message to the start of every caption completion prompt
  # Example: "Perform the instructions to the best of your ability.\n" (for LLaVA)
  # Not used in image inlining mode
  captionSystemPrompt: ""
# -- DEEPL TRANSLATION CONFIGURATION --
deepl:
  # Available options: default, more, less, prefer_more, prefer_less
  formality: default
# -- SERVER PLUGIN CONFIGURATION --
enableServerPlugins: false

When I run SillyTavern it literally writes the following:

Already up to date.

> sillytavern@1.11.8 postinstall
> node post-install.js


up to date in 548ms
Node version: v20.11.1. Running in production environment.

SillyTavern 1.11.8
Running 'release' (47b65626) - 2024-04-21 21:24:12 +0300

Launching...
SillyTavern is listening on: http://0.0.0.0:8000/

0.0.0.0 means SillyTavern is listening on all network interfaces (Wi-Fi, LAN, localhost). If you want to limit it only to internal localhost (127.0.0.1), change the setting in config.yaml to "listen: false". Check "access.log" file in the SillyTavern directory if you want to inspect incoming connections.

Basic Authentication is enabled, but username or password is not set or empty!

So I can't authorize in any way because it doesn't know the data to verify, any idea what I'm doing wrong?

Additional info

No response

Please tick the boxes

I have explained the issue clearly, and I included all relevant info
I have checked that this issue hasn't already been raised
I have checked the docs

Cohee · Answer 1 · Tue Apr 23 2024 22:57:03 GMT+0800 (China Standard Time)

The problem is that this:

# Basic authentication credentials
basicAuthUser:
  - username: "test"
  - password: "test1234"

should be like this:

# Basic authentication credentials
basicAuthUser:
  username: "test"
  password: "test1234"

Because basicAuthUser is not a list, it's an object.

libid0nes · Answer 2 · Tue Apr 23 2024 23:00:37 GMT+0800 (China Standard Time)

It works, thank you!
I think the developers need to fix the documentation and write a proper example: https://docs.sillytavern.app/usage/remoteconnections/#http-basic-authentication

Cohee · Answer 3 · Tue Apr 23 2024 23:02:07 GMT+0800 (China Standard Time)

I already did that.