CSRF Failure in portal

Support
1

Hi,

I have set up Tyk with an API and dev portal. I have haproxy directing myportal.com to localhost:5000/{{ tyk_dashboard_org_id }}/portal/ and also redirecting the portal assets.
I can only sign it to the portal from myportal.com/login “Login” button.
If I add “” to navigation bar at the top i can sign in from the navbar also, but only on the /login and /register pages, as only then it has the {{ .Token }} there, on other pages (myportal.com, myportal.com/apis etc) it’s empty.

I saw the page https://tyk.io/troubleshooting/troubleshooting-tyk-dashboard/receive-csrf-error-developer-portal/
but if I’m already using haproxy then I don’t need to set/use CNAME in tyk, right?

tyk_analytics.conf:

“host_config” : {
“disable_org_slug_prefix”: true,
“portal_root_path”: “/”
}

Here is the organisation object:
{
“_id”:ObjectId(“55269ac5f8b0b957c6000001”),
“owner_name”:“MyOrg”,
“owner_slug”:“”,
“cname_enabled”:false,
“cname”:“myapi.com”,
“apis”:[
{
“api_human_name”:“API default”,
“api_id”:“54418ca5256544d776d98fa8ebc68bb0”
}
{
“api_human_name”:“API previous”,
“api_id”:“880faf7657694ce448a298be319849d7”
}
],
“developer_quota”:0,
“developer_count”:63,
“event_options”:{

},
“hybrid_enabled”:false,
“ui”:{
“languages”:{

  },
  "hide_help":false,
  "default_lang":"",
  "login_page":{  

  },
  "nav":{  

  },
  "uptime":{  

  },
  "portal_section":{  

  },
  "designer":{  

  },
  "dont_show_admin_sockets":false,
  "dont_allow_license_management":false,
  "dont_allow_license_management_view":false

}
}

Thanks

2

Hi Tarmo,

Though it can be configured in your HAProxy settings, you will still need to set the CNAME in the Dashboard as without it, the Dashboard will be unable to determine exactly which CNAME to look for. The advice in the Troubleshooting page you’ve linked to should still be valid in your case.

Hope that helps.

Kind regards,
Jess @ Tyk

3

Thank you for the reply.

So in org object I should put:
“cname_enabled”:true
“cname”:“myportal.com”?

I tried that and restarted, but it still doesn’t work.

In my first post, the line that I added to navigation bar was:
<input type="hidden" name="csrf_token" value="{{ .Token }}">

4

Hi Tarmo,

Unfortunately there does seem to be an issue with the login form in the navigation bar at present. This is a known issue that we’re working to resolve but until a solution has been found, you should be able to log in using the form at myportal.com/login.

Apologies for any inconvenience that this may have caused.

Kind regards,
Jess @ Tyk