[GH-ISSUE #1500] Login fails with "illegal base64 data at input byte 0" macOS Tahoe #2995

New issue

Open

opened 2026-02-27 12:29:53 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 12:29:53 +03:00

Owner

Originally created by @jotaperez3 on GitHub (Dec 26, 2025).
Original GitHub issue: https://github.com/0xJacky/nginx-ui/issues/1500

Describe the bug
Login fails with HTTP 500 error and "illegal base64 data at input byte 0" across all browsers. The /api/crypto/public_key endpoint succeeds, but /api/login consistently fails with a base64 decoding error in user/auth.go:90.

To Reproduce

Navigate to nginx-ui login page
Enter valid credentials
Click 'Login'
Observe HTTP 500 error

Expected behavior
Successful authentication and redirect to dashboard.

Screenshots
Server logs:

[GIN] 2025/12/25 - 17:56:16 | 200 |     145.062µs |    10.x.x.x | POST     "/api/crypto/public_key"
2025-12-25 17:56:16.414        ERROR        user/auth.go:90        illegal base64 data at input byte 0
[GIN] 2025/12/25 - 17:56:16 | 500 |   88.322415ms |    10.x.x.x | POST     "/api/login"

Browser console error:

AxiosError: Request failed with status code 500
code: "ERR_BAD_RESPONSE"
response: {data: {code: 500, message: "Server Error"}, status: 500}

Request payload structure:

{
  "encrypted_params": "[base64-encoded RSA encrypted credentials]"
}

Info (please complete the following information):

Server OS: Ubuntu Server
Server Arch: x86_64 (amd64)
Nginx UI Version: 2.3.2 1(512) cb1fb691 (go1.25.4 linux/amd64)
Browser(s): Firefox, Safari, Chrome - all affected
Browser OS: Tahoe 26.2 MacOS

Additional context
The frontend successfully encrypts credentials and encodes them as base64, but the backend consistently fails to decode the encrypted_params value at user/auth.go:90. This affects all browsers, suggesting the issue is in the backend's base64 decoder rather than browser-specific JavaScript implementations.

Originally created by @jotaperez3 on GitHub (Dec 26, 2025). Original GitHub issue: https://github.com/0xJacky/nginx-ui/issues/1500 **Describe the bug** Login fails with HTTP 500 error and "illegal base64 data at input byte 0" across all browsers. The `/api/crypto/public_key` endpoint succeeds, but `/api/login` consistently fails with a base64 decoding error in `user/auth.go:90`. **To Reproduce** 1. Navigate to nginx-ui login page 2. Enter valid credentials 3. Click 'Login' 4. Observe HTTP 500 error **Expected behavior** Successful authentication and redirect to dashboard. **Screenshots** Server logs: ``` [GIN] 2025/12/25 - 17:56:16 | 200 | 145.062µs | 10.x.x.x | POST "/api/crypto/public_key" 2025-12-25 17:56:16.414 ERROR user/auth.go:90 illegal base64 data at input byte 0 [GIN] 2025/12/25 - 17:56:16 | 500 | 88.322415ms | 10.x.x.x | POST "/api/login" ``` Browser console error: ```javascript AxiosError: Request failed with status code 500 code: "ERR_BAD_RESPONSE" response: {data: {code: 500, message: "Server Error"}, status: 500} ``` Request payload structure: ```javascript { "encrypted_params": "[base64-encoded RSA encrypted credentials]" } ``` **Info (please complete the following information):** - Server OS: Ubuntu Server - Server Arch: x86_64 (amd64) - Nginx UI Version: 2.3.2 1(512) cb1fb691 (go1.25.4 linux/amd64) - Browser(s): Firefox, Safari, Chrome - **all affected** - Browser OS: Tahoe 26.2 MacOS **Additional context** The frontend successfully encrypts credentials and encodes them as base64, but the backend consistently fails to decode the `encrypted_params` value at `user/auth.go:90`. This affects all browsers, suggesting the issue is in the backend's base64 decoder rather than browser-specific JavaScript implementations.