Updated Part-DB and get Invalid CSRF token

[CommanderDer]

Hello,
I updated my Part-DB container and now I'm getting the error message "Invalid CSRF token" when trying to log in. I don't get this message when I log in locally on the network. Only when I log in via my domain using Cloudflare and Pihole. But is that possibly the cause, and what do I need to configure where? Thank you.

[MickLesk]

Maybe Default_uri add into .env?

https://docs.part-db.de/configuration.html

[tremor021]

Guys, please, read the website of the script you're using.

[CommanderDer]

Oh yeah, sorry, I missed that. Unfortunately, it didn't work. But I did notice that when I enter my URL there, the " at the end isn't white.

[MickLesk]

Remove the comments below, maybe a " is missing above

And you need to restart the Container after Change

[CommanderDer]

No, unfortunately, it only works locally. As I said, I use Cloudflare and Nginx Proxy Manager, and since updating Part-DB, I've been getting an error message when I try to connect via Cloudflare.

[MickLesk]

Then maybe ask in there repo? I dont use NPM (annoying Tool), only Caddy with Cloudflare and all my LXC working fine. Idk what NPM do :/

[emeni09]

not sure if you fixed it, for me it was the TRUSTED_PROXIES=127.0.0.0/8,::1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 that was missing.
now it works :)

[HSoeren]

If your Nginx Proxy Manager is also a docker container TRUSTED_PROXIES=172.16.0.0/12 should be enough to do the trick without finding the exact IP address of the docker container.

[Lopfi]

I'm also running into the same issue with cloudflare. I tried to set CORS_ALLOW_ORIGIN but that also didn't fix this.

[SemvdH]

I was struggling with this issue for quite some time as well. My DEFAULT_URI was correct and my TRUSTED_PROXIES as well, but I still got the "Invalid CSRF token" message whenever I tried to log in through my domain name (using HTTPS). Logging in through just the ip:port combination worked. What eventually fixed it for me was to set these headers in my NGINX config:

                # Required for Symfony / Part-DB
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header X-Forwarded-Host  $host;
                proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
                proxy_set_header Host              $host;

                # Optional but recommended
                proxy_set_header X-Real-IP $remote_addr;

Just leaving this here in case someone might need it!

[CommanderDer]

ok but i see it`s not NGINX its Apache2

[SemvdH]

Yes the docker container uses apache2, but if you have it behind nginx like I have you have to add these headers. I did some minimal googling and found this to be the apache2 equivalent of those nginx settings:

Enable the modules: a2enmod proxy proxy_http headers
Then add this to your VirtualHost:

<VirtualHost *:80>
    ServerName partdb.mydomain.com

    # --- Required for Symfony / Part-DB ---
    RequestHeader set X-Forwarded-Proto expr=%{REQUEST_SCHEME}
    RequestHeader set X-Forwarded-Host "%{HTTP_HOST}"
    RequestHeader set X-Forwarded-For "%{REMOTE_ADDR}"
    RequestHeader set Host "%{HTTP_HOST}"

    # --- Optional but recommended ---
    RequestHeader set X-Real-IP "%{REMOTE_ADDR}"
</VirtualHost>

I have not tested this because I use nginx, but you could try to see if it works

[CommanderDer]

Do you mean the NGINX web server or the NGINX Proxy Manager? In other words, where are the files located that I need to change?