paperwork-Android doesn't want to login

[daeavelwyn]

hi,
I encounter an issue with paperwork for android, when I try to login, it replies "Password or email is incorrect" BUT, exactly the same mail/pass perfectly works when I use the web interface from my desktop browser (firefox).
I don't how I can enable some debug symbols or something more precise to debug this, please, if you could indicate me the steps :)

My apache 2 logs don't mention any errors, but the acces.log mention
GET /api/v1/notebooks HTTP/1.1" 404 522 "-" "Dalvik/2.1.0 (Linux; U; Android 5.0.2; 6039Y Build/LRX22G)"
So i guess the query is well send/received, but it seems there is a 404 error, and i don't know how to have better logs :-/ which are the files supposed to be found by the query ?

[theSoenke]

A 404 error is weird, because /api/v1/notebooks should definitely exist. I just tested the app and was not able to reproduce the error. Do you eventually use a self signed certificate? Don't know whether this would explain the 404 error, but self signed certificates cause some problems with the connection on android

[daeavelwyn]

yes, it's a self-signed certificate, but CADroid validate it with no error (event the CA=TRUE), and I import it directly to my android device.
I have to mention that if I try https://mydomain.com/api/v1/notebooks , from my desktop browser, it shows me a javascript array containing stuff from my mobile device.
How can I clean this to try to start from ground without re-installing all the paperwork server stuff ? Is there some clean I could directly do into the database (i get a phpmyadmin access) ?

[EDIT]
Ok, so, just for the test I create an apache virtualhost with the same settings, but without gnutls, so connecting on port 80. And it works....So I wonder if login from the android app really use tls/ssl, or does it send data in clear ? or does it use ssl/tls just for the login step and then switch to clear data send/receive on port 80 ?

[theSoenke]

Maybe you could try to put https:// in front of your server address in the app in case you're not already doing it. Theoretically there should be no problem with SSL/TLS when available.

[daeavelwyn]

I add https before the url, I remove my http virtualhost and make the test. It seems to work ! Thank you @theSoenke :)

[theSoenke]

No problem. Glad to hear that it works :)

[daeavelwyn]

Ok, so it works for my mobile phone (android 5), but not for my tablet (android 4.1.2), i've imported my certificate with cadroid, but with no more result :-( any ideas ?

[theSoenke]

@daeavelwyn Sorry to hear that, but i have not device with android 4.1 to test it. I also doubt that this is something i can do anything about it

[daeavelwyn]

erf :-(, I think it's about the certificate validation mechanism in android that the problem comes from. BTW, as it's on my tablet, I can use the web UI directly from my browser even if it's less comfortable than the interface you make.

[sipsmi]

I am similarly having issues with this although it seems more due to authentication.

When I run the application in debug mode it returns a JSON error following the authentication stage.
I added a debug to look at the JSON stream returned and it is actually a logon page which seems to be the intended behaviour of the API if it does not get the required logon hash (which seems to be sent).

This is https:// through a nginx proxy to a paperwork back end running on Apache. Cert chain all validates OK on this. Will investigate further to see the hash sent and debug on the server :-(
BTW. Like the project and inspired an old duffer to build his first Android application - if I can get this working I would hope to be a contributor.