[GH-ISSUE #487] Login page does nothing and says nothing when things go wrong #383

New issue

Closed

opened 2026-02-25 21:34:54 +03:00 by kerem · 6 comments

kerem commented 2026-02-25 21:34:54 +03:00

Owner

Copy link

Originally created by @gitcnd on GitHub (Jun 1, 2021).
Original GitHub issue: https://github.com/cypht-org/cypht/issues/487

Originally assigned to: @jasonmunro, @christer77 on GitHub.

🗣 Suggestion

When I enter a (correct) username and (correct, but see later) password and click login, a few seconds pass and then what I typed just vanishes - nothing else happens (no messages or anything - just the same login screen with now-empty boxes)

When things don't work, users should probably be told at least something about what went wrong?

• Update - my logs show an authentication problem - so yes - users DEFINITELY should be told about this error: because Cyph login said nothing, I tried again a few times - which endangers my gmail account getting locked for repeated attempts I guess?

On that - I expect I need to tell gmail I'm going to use IMAP (or better, get some token or something instead?) - so not only should I have been told about the auth problem at login, a better warning would have been to also tell me about enabling whatever-needs-to-be-enabled as well?

Also - on that last point - the doc wasn't clear about how authentication even works, or what to (a mail server? theirs or mine? my own custom user/password system) - so explaining this a bit better in the doc would be nice (along with steps needed so that it can work in gmail etc)

==> php-fpm/www-error.log <==
[01-Jun-2021 22:16:28 UTC] Array
(
    [0] => Using Hm_PHP_Session with Hm_Auth_Dynamic
    [1] => Using DB user configuration
    [2] => Using sapi: fpm-fcgi
    [3] => Request type: HTTP
    [4] => Request path: /mail-debug/
    [5] => TLS request: 0
    [6] => Mobile request: 0
    [7] => Page ID: home
    [8] => Redis enabled but not supported by PHP
    [9] => CACHE backend using: noop
    [10] => Dynamic login override, using Hm_Auth_IMAP
    [11] => 
Debug Array
(
    [0] => Connecting to tls://imap.gmail.com on port 993
    [1] => Successfully opened port to the IMAP server
    [CAPS] => * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH2 AUTH=PLAIN AUTH=PLAIN-CLIENTTOKEN AUTH=OAUTHBEARER AUTH=XOAUTH
    [2] => Log in for <redacted>@gmail.com FAILED
    [A1 CAPABILITY] => 0.032351016998291
    [LOGIN] => 0.067843914031982
)

Response Array
(
    [0] => Array
        (
            [0] => * OK Gimap ready for requests from 91.103.2.212 z8mb513650936wru
            [1] => * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH2 AUTH=PLAIN AUTH=PLAIN-CLIENTTOKEN AUTH=OAUTHBEARER AUTH=XOAUTH
            [2] => A1 OK Thats all she wrote! z8mb513650936wru
        )

    [1] => Array
        (
            [0] => A2 NO [ AUTHENTICATIONFAILED ] Invalid credentials ( Failure )
        )

)

    [12] => IMAP AUTH failed for <redacted>@gmail.com
    [13] => Redirecting to /mail-debug/
    [14] => PHP version 7.2.24
    [15] => Zend version 3.2.0
    [16] => Peak Memory: 4096
    [17] => PID: 177477
    [18] => Included files: 80
)

Originally created by @gitcnd on GitHub (Jun 1, 2021). Original GitHub issue: https://github.com/cypht-org/cypht/issues/487 Originally assigned to: @jasonmunro, @christer77 on GitHub. ## 🗣 Suggestion <!-- Describe your Suggestion/Idea in detail. --> When I enter a (correct) username and (correct, but see later) password and click login, a few seconds pass and then what I typed just vanishes - nothing else happens (no messages or anything - just the same login screen with now-empty boxes) When things don't work, users should probably be told at least something about what went wrong? * Update - my logs show an authentication problem - so yes - users DEFINITELY should be told about this error: because Cyph login said nothing, I tried again a few times - which endangers my gmail account getting locked for repeated attempts I guess? On that - I expect I need to tell gmail I'm going to use IMAP (or better, get some token or something instead?) - so not only should I have been told about the auth problem at login, a better warning would have been to also tell me about enabling whatever-needs-to-be-enabled as well? Also - on that last point - the doc wasn't clear about how authentication even works, or what to (a mail server? theirs or mine? my own custom user/password system) - so explaining this a bit better in the doc would be nice (along with steps needed so that it can work in gmail etc) ``` ==> php-fpm/www-error.log <== [01-Jun-2021 22:16:28 UTC] Array ( [0] => Using Hm_PHP_Session with Hm_Auth_Dynamic [1] => Using DB user configuration [2] => Using sapi: fpm-fcgi [3] => Request type: HTTP [4] => Request path: /mail-debug/ [5] => TLS request: 0 [6] => Mobile request: 0 [7] => Page ID: home [8] => Redis enabled but not supported by PHP [9] => CACHE backend using: noop [10] => Dynamic login override, using Hm_Auth_IMAP [11] => Debug Array ( [0] => Connecting to tls://imap.gmail.com on port 993 [1] => Successfully opened port to the IMAP server [CAPS] => * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH2 AUTH=PLAIN AUTH=PLAIN-CLIENTTOKEN AUTH=OAUTHBEARER AUTH=XOAUTH [2] => Log in for <redacted>@gmail.com FAILED [A1 CAPABILITY] => 0.032351016998291 [LOGIN] => 0.067843914031982 ) Response Array ( [0] => Array ( [0] => * OK Gimap ready for requests from 91.103.2.212 z8mb513650936wru [1] => * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH2 AUTH=PLAIN AUTH=PLAIN-CLIENTTOKEN AUTH=OAUTHBEARER AUTH=XOAUTH [2] => A1 OK Thats all she wrote! z8mb513650936wru ) [1] => Array ( [0] => A2 NO [ AUTHENTICATIONFAILED ] Invalid credentials ( Failure ) ) ) [12] => IMAP AUTH failed for <redacted>@gmail.com [13] => Redirecting to /mail-debug/ [14] => PHP version 7.2.24 [15] => Zend version 3.2.0 [16] => Peak Memory: 4096 [17] => PID: 177477 [18] => Included files: 80 ) ``` <!-- Attach Screenshots and Drawings if needed. -->

kerem 2026-02-25 21:34:54 +03:00

• closed this issue
• added the
  bug
  imap
  authentication
  labels

kerem commented 2026-02-25 21:34:54 +03:00

Author

Owner

Copy link

@jasonmunro commented on GitHub (Jun 8, 2021):

@gitcnd I know we spoke in gitter and I think you got this resolved? Our docs could always use improvement and third party access to Gmail can be trickier than most providers. I agree that we are failing to indicate that something has gone wrong in this case so I will see about fixing up that behavior at least with a generic error message.

<!-- gh-comment-id:856390764 --> @jasonmunro commented on GitHub (Jun 8, 2021): @gitcnd I know we spoke in gitter and I think you got this resolved? Our docs could always use improvement and third party access to Gmail can be trickier than most providers. I agree that we are failing to indicate that something has gone wrong in this case so I will see about fixing up that behavior at least with a generic error message.

kerem commented 2026-02-25 21:34:54 +03:00

Author

Owner

Copy link

@jasonmunro commented on GitHub (Jun 8, 2021):

@gitcnd we were using an "auth_failed" type of flag in the code to determine if we should show the login error message. I suspect when something goes wrong like the Gmail auth that flag was not being set properly. I removed it and replaced it with a more generic check of "is the session loaded" which should cover all the possible failed login situations. I will leave this open for a bit if you want to follow up but otherwise I believe this issue to be resolved. Thanks again for the feedback!

<!-- gh-comment-id:857021491 --> @jasonmunro commented on GitHub (Jun 8, 2021): @gitcnd we were using an "auth_failed" type of flag in the code to determine if we should show the login error message. I suspect when something goes wrong like the Gmail auth that flag was not being set properly. I removed it and replaced it with a more generic check of "is the session loaded" which should cover all the possible failed login situations. I will leave this open for a bit if you want to follow up but otherwise I believe this issue to be resolved. Thanks again for the feedback!

kerem commented 2026-02-25 21:34:54 +03:00

Author

Owner

Copy link

@marclaporte commented on GitHub (Jul 31, 2022):

@gitcnd Can we close?

<!-- gh-comment-id:1200477851 --> @marclaporte commented on GitHub (Jul 31, 2022): @gitcnd Can we close?

kerem commented 2026-02-25 21:34:54 +03:00

Author

Owner

Copy link

@marclaporte commented on GitHub (May 6, 2024):

@gitcnd

Please retest, as a lot has changed since you reported this issue. Notably, we now have 3 active branches and recently released Cypht 2.0.0

• https://github.com/cypht-org/cypht/releases/tag/v2.0.0
• https://github.com/cypht-org/cypht/wiki/Lifecycle

<!-- gh-comment-id:2097117673 --> @marclaporte commented on GitHub (May 6, 2024): @gitcnd Please retest, as a lot has changed since you reported this issue. Notably, we now have 3 active branches and recently released Cypht 2.0.0 - https://github.com/cypht-org/cypht/releases/tag/v2.0.0 - https://github.com/cypht-org/cypht/wiki/Lifecycle

kerem commented 2026-02-25 21:34:54 +03:00

Author

Owner

Copy link

@marclaporte commented on GitHub (Sep 28, 2024):

@gitcnd Last call :-)

Please test latest stable:
https://github.com/cypht-org/cypht/releases/

<!-- gh-comment-id:2380411637 --> @marclaporte commented on GitHub (Sep 28, 2024): @gitcnd Last call :-) Please test latest stable: https://github.com/cypht-org/cypht/releases/

kerem commented 2026-02-25 21:34:54 +03:00

Author

Owner

Copy link

@christer77 commented on GitHub (Aug 8, 2025):

Hello @gitcnd,

Thank you for testing the latest version:

If the problem persists, please reopen this issue.

Thank you.

<!-- gh-comment-id:3167640577 --> @christer77 commented on GitHub (Aug 8, 2025): Hello @gitcnd, Thank you for testing the latest [version:]( https://github.com/cypht-org/cypht/releases/) If the problem persists, please reopen this issue. Thank you.

kerem referenced this issue 2026-02-25 21:36:17 +03:00

[PR #383] [MERGED] prevent last recipient from disappearing #801

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

2.x

mta-sts-implementation

feat-compose-backspace-delete-recipients

release-2.5.1

add-tls3-support

1.4.x

enforce-coverage

release-2.4.2

strip_dns_prefetch_tags

fix_nightly_build

pr-title-validation-update

review-sent-email

revert-1339-fixed-tags-display

revert-1061-rem-cram-md5

sys-messages-revamp

revert-685-fixed-str-pos-warning-when-no-to

revert-590-empty-settings

release-1.3.0

revert-471-draft-add-warning

revert-454-feature/server-list-by-uniqid

php7.4-support

release-1.2.0

remove-mobile-media-queries

release-1.1.0

release-1.0.0

v2.7.0

v2.6.0

v2.5.1

v2.5.0

v1.4.7

v2.4.2

v2.4.1

v1.4.6

v1.4.5

v2.4.0

v2.3.0

v2.2.0

v1.4.4

v2.1.0

v2.0.1

v1.4.3

v2.0.0

v1.4.2

v1.4.1

v1.4.0

v1.3.0

v1.3.0-rc3

v1.3.0-rc2

v1.3.0-rc1

v1.1.0

v1.1.0-rc4

v1.1.0-rc3

v1.1.0-rc2

v1.1.0-rc1

v1.0.0

v1.0.0-rc8

v1.0.0-rc7

v1.0.0-rc6

v1.0.0-rc5

v1.0.0-rc4

v1.0.0-rc3

v1.0.0-rc2

v1.0.0-rc1

Labels

Clear labels   

2fa

  

I18N

  

PGP

  

Security

  

Security

  

account

  

advanced_search

  

advanced_search

  

announcement

  

api_login

  

authentication

  

awaiting feedback

  

blocker

  

bug

  

bug

  

bug

  

calendar

  

config

  

contacts

  

core

  

core

  

devops

  

docker

  

docs

  

duplicate

  

dynamic_login

  

enhancement

  

epic

  

feature

  

feeds

  

framework

  

github

  

github

  

gmail_contacts

  

good first issue

  

help wanted

  

history

  

history

  

imap

  

imap_folders

  

inline_message

  

installation

  

keyboard_shortcuts

  

keyboard_shortcuts

  

ldap_contacts

  

mobile

  

need-ssh-access

  

new module set

  

nux

  

pop3

  

profiles

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

refactor

  

release

  

research

  

saved_searches

  

smtp

  

strategic

  

tags

  

tests

  

themes

  

website

  

wordpress

No labels

2fa

I18N

PGP

Security

Security

account

advanced_search

advanced_search

announcement

api_login

authentication

awaiting feedback

blocker

bug

bug

bug

calendar

config

contacts

core

core

devops

docker

docs

duplicate

dynamic_login

enhancement

epic

feature

feeds

framework

github

github

gmail_contacts

good first issue

help wanted

history

history

imap

imap_folders

inline_message

installation

keyboard_shortcuts

keyboard_shortcuts

ldap_contacts

mobile

need-ssh-access

new module set

nux

pop3

profiles

pull-request

question

refactor

release

research

saved_searches

smtp

strategic

tags

tests

themes

website

wordpress

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/cypht#383

No description provided.