Authentication Advanced Global Settings don't save #1578

New issue

Closed

opened 2026-02-20 18:14:14 -05:00 by deekerman · 2 comments

deekerman commented

2026-02-20 18:14:14 -05:00

Owner

Originally created by @preems1 on GitHub (May 28, 2020).

Originally assigned to: @NGPixel on GitHub.

Describe the bug
Advanced Global Settings in Admin>Authentication reset to default after being changed and saved.

To Reproduce
Steps to reproduce the behavior:

Go to Admin>Authentication
Scroll down to Advanced Global Settings
Change JWT Audience, Token Expiration, and/or Token Renewal to values of your choice.
Click Apply at top of page
After note of successful configuration change, navigate to different page
Navigate back to Admin>Authentication
See that Advanced Global Settings have been reset to default

Expected behavior
Advanced Global Settings will be saved

Host Info (please complete the following information):

OS: Docker
Wiki.js version: 2.3.81
Database engine: postgres:11-alpine

Additional context
I have the Keycloak module active but I have experienced this error without Keycloak module.

Originally created by @preems1 on GitHub (May 28, 2020). Originally assigned to: @NGPixel on GitHub. **Describe the bug** Advanced Global Settings in Admin>Authentication reset to default after being changed and saved. **To Reproduce** Steps to reproduce the behavior: 1. Go to Admin>Authentication 2. Scroll down to Advanced Global Settings 3. Change JWT Audience, Token Expiration, and/or Token Renewal to values of your choice. 4. Click Apply at top of page 5. After note of successful configuration change, navigate to different page 6. Navigate back to Admin>Authentication 7. See that Advanced Global Settings have been reset to default **Expected behavior** Advanced Global Settings will be saved **Host Info (please complete the following information):** - OS: Docker - Wiki.js version: 2.3.81 - Database engine: postgres:11-alpine **Additional context** I have the Keycloak module active but I have experienced this error without Keycloak module.

deekerman closed this issue

2026-02-20 18:14:16 -05:00

deekerman commented

2026-02-20 18:14:17 -05:00

Author

Owner

@ftm commented on GitHub (Jun 25, 2020):

I am also experiencing this, however after doing some digging it looks like it's (at least partially) a UI bug.

When I update the audience from urn:wiki.js to urn:mywiki.example.com and click Apply, my token is invalidated as expected and I am forced to log back in. After logging back in, the audience field reverts back to urn:wiki.js.

However, when I decode the JWT I can see that the audience is correct, and in the database I can see that the audience has indeed been updated:

mywiki=# select * from settings where key = 'auth';
 key  |                                       value                                        |        updatedAt         
------+------------------------------------------------------------------------------------+--------------------------
 auth | {"audience":"urn:mywiki.example.com","tokenExpiration":"30m","tokenRenewal":"14d"} | 2020-06-25T21:44:34.807Z
(1 row)

If I then click Apply again, the default value of urn:wiki.js is saved over my custom audience and the token is once again made invalid.

mywiki=# select * from settings where key = 'auth';
 key  |                                  value                                  |        updatedAt         
------+-------------------------------------------------------------------------+--------------------------
 auth | {"audience":"urn:wiki.js","tokenExpiration":"30m","tokenRenewal":"14d"} | 2020-06-25T21:53:16.170Z
(1 row)

From a look at admin-auth.vue it seems like the audience, token expiration and token renewal values are all being saved but there isn't a query to actually retrieve the values back again.

@ftm commented on GitHub (Jun 25, 2020): I am also experiencing this, however after doing some digging it looks like it's (at least partially) a UI bug. When I update the audience from `urn:wiki.js` to `urn:mywiki.example.com` and click Apply, my token is invalidated as expected and I am forced to log back in. After logging back in, the audience field reverts back to `urn:wiki.js`. However, when I decode the JWT I can see that the audience is correct, and in the database I can see that the audience has indeed been updated: ``` mywiki=# select * from settings where key = 'auth'; key | value | updatedAt ------+------------------------------------------------------------------------------------+-------------------------- auth | {"audience":"urn:mywiki.example.com","tokenExpiration":"30m","tokenRenewal":"14d"} | 2020-06-25T21:44:34.807Z (1 row) ``` If I then click Apply again, the default value of `urn:wiki.js` is saved over my custom audience and the token is once again made invalid. ``` mywiki=# select * from settings where key = 'auth'; key | value | updatedAt ------+-------------------------------------------------------------------------+-------------------------- auth | {"audience":"urn:wiki.js","tokenExpiration":"30m","tokenRenewal":"14d"} | 2020-06-25T21:53:16.170Z (1 row) ``` From a look at [`admin-auth.vue`](https://github.com/Requarks/wiki/blob/15a45f8b913faa9aa12fe20dc88be6e00713e5fa/client/components/admin/admin-auth.vue) it seems like the audience, token expiration and token renewal values are all being saved but there isn't a query to actually retrieve the values back again.

deekerman commented

2026-02-20 18:14:18 -05:00

Author

Owner

@NGPixel commented on GitHub (Jun 28, 2020):

Fixed for 2.5.

@NGPixel commented on GitHub (Jun 28, 2020): Fixed for 2.5.

deekerman referenced this issue

2026-02-20 18:15:30 -05:00

text alignment in markdown editor for RTL pages #1626

deekerman referenced this issue

2026-02-20 18:15:35 -05:00