starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-02-05 00:29:40 +03:00
Code Issues 32 Packages Projects Releases 10 Wiki Activity

Time issue #1000

New Issue
Closed
opened 2026-02-04 23:35:57 +03:00 by OVERLORD · 10 comments
OVERLORD commented 2026-02-04 23:35:57 +03:00
Owner
Copy Link

Originally created by @xgaia on GitHub (Apr 1, 2021).

Subject of the issue

My bitwarden instance don't show the right time. I need the right time fr double auth. Any help will be great !

image

My server time

Thu 01 Apr 2021 07:30:05 PM CEST

the bitwarden container time

Thu Apr  1 19:30:24 CEST 2021

Deployment environment

Your environment (Generated via diagnostics page)

  • Bitwarden_rs version: v1.20.0
  • Web-vault version: v2.19.0
  • Running within Docker: true
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Time Check: true
  • Domain Configuration Check: false
  • HTTPS Check: false
  • Database type: SQLite
  • Database version: 3.33.0
  • Clients used:
  • Reverse proxy and version:
  • Other relevant information:

Config (Generated via diagnostics page)

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_ip_header_enabled": true,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_max_conns": 10,
  "database_url": "****/**.*******",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "****://*********",
  "domain_origin": "****://*********",
  "domain_path": "",
  "domain_set": false,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "enable_db_wal": true,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "invitation_org_name": "Bitwarden_RS",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "org_attachment_limit": null,
  "org_creation_users": "",
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "sends_folder": "data/sends",
  "show_password_hint": true,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": "Login,Plain,Xoauth2",
  "smtp_debug": true,
  "smtp_explicit_tls": false,
  "smtp_from": "*******@*******.**",
  "smtp_from_name": "Libreon",
  "smtp_host": "****.******.***",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_ssl": true,
  "smtp_timeout": 60,
  "smtp_username": "*******@*******.**",
  "templates_folder": "data/templates",
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": false,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}
  • Other relevant details: my docker-compose file:
version: '3.4'
services:
  bitwardenrs:
    image: bitwardenrs/server:1.20.0
    volumes:
      - /data/bitwarden/data:/data
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
    environment:
      ADMIN_TOKEN: ${BITWARDEN_ADMIN_TOKEN}
      DISABLE_ADMIN_TOKEN: "false"
      INVITATIONS_ALLOWED: "true"
      SMTP_HOST: smtp.xxx.com
      SMTP_FROM: noreply@xxx.fr
      SMTP_FROM_NAME: xxx
      SMTP_PORT: 587
      SMTP_SSL: "true"
      SMTP_EXPLICIT_TLS: "false"
      SMTP_USERNAME: noreply@xxx.fr
      SMTP_PASSWORD: ${SMTP_PASSOWD}
      SMTP_TIMEOUT: 60
      SMTP_DEBUG: "true"
      SMTP_AUTH_MECHANISM: "Login,Plain,Xoauth2"
      TZ: Europe/Paris
    labels:
      - traefik.enable=true
      - traefik.http.routers.bitwarden.rule=Host(`vault.xxx.fr`)
      - traefik.http.routers.bitwarden.entryPoints=websecure  
    networks:
      - web

networks:
  web:
    external: true

Steps to reproduce

Run the stack with the docker-compose on a machine with CET time.

Expected behaviour

Admin interface show CET time

Actual behaviour

Admin interface show UTC time

Troubleshooting data

--

Originally created by @xgaia on GitHub (Apr 1, 2021). ### Subject of the issue My bitwarden instance don't show the right time. I need the right time fr double auth. Any help will be great ! ![image](https://user-images.githubusercontent.com/18330770/113332021-2d145880-9310-11eb-830a-62af73f07eb9.png) My server time ``` Thu 01 Apr 2021 07:30:05 PM CEST ``` the bitwarden container time ``` Thu Apr 1 19:30:24 CEST 2021 ``` ### Deployment environment ### Your environment (Generated via diagnostics page) * Bitwarden_rs version: v1.20.0 * Web-vault version: v2.19.0 * Running within Docker: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Time Check: true * Domain Configuration Check: false * HTTPS Check: false * Database type: SQLite * Database version: 3.33.0 * Clients used: * Reverse proxy and version: * Other relevant information: ### Config (Generated via diagnostics page) ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_ip_header_enabled": true, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "authenticator_disable_time_drift": false, "data_folder": "data", "database_max_conns": 10, "database_url": "****/**.*******", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "****://*********", "domain_origin": "****://*********", "domain_path": "", "domain_set": false, "duo_host": null, "duo_ikey": null, "duo_skey": null, "email_attempts_limit": 3, "email_expiration_time": 600, "email_token_size": 6, "enable_db_wal": true, "extended_logging": true, "helo_name": null, "hibp_api_key": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "invitation_org_name": "Bitwarden_RS", "invitations_allowed": true, "ip_header": "X-Real-IP", "log_file": null, "log_level": "Info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "org_attachment_limit": null, "org_creation_users": "", "password_iterations": 100000, "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "sends_folder": "data/sends", "show_password_hint": true, "signups_allowed": true, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": "Login,Plain,Xoauth2", "smtp_debug": true, "smtp_explicit_tls": false, "smtp_from": "*******@*******.**", "smtp_from_name": "Libreon", "smtp_host": "****.******.***", "smtp_password": "***", "smtp_port": 587, "smtp_ssl": true, "smtp_timeout": 60, "smtp_username": "*******@*******.**", "templates_folder": "data/templates", "use_syslog": false, "user_attachment_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "websocket_address": "0.0.0.0", "websocket_enabled": false, "websocket_port": 3012, "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` * Other relevant details: my `docker-compose` file: ``` version: '3.4' services: bitwardenrs: image: bitwardenrs/server:1.20.0 volumes: - /data/bitwarden/data:/data - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro environment: ADMIN_TOKEN: ${BITWARDEN_ADMIN_TOKEN} DISABLE_ADMIN_TOKEN: "false" INVITATIONS_ALLOWED: "true" SMTP_HOST: smtp.xxx.com SMTP_FROM: noreply@xxx.fr SMTP_FROM_NAME: xxx SMTP_PORT: 587 SMTP_SSL: "true" SMTP_EXPLICIT_TLS: "false" SMTP_USERNAME: noreply@xxx.fr SMTP_PASSWORD: ${SMTP_PASSOWD} SMTP_TIMEOUT: 60 SMTP_DEBUG: "true" SMTP_AUTH_MECHANISM: "Login,Plain,Xoauth2" TZ: Europe/Paris labels: - traefik.enable=true - traefik.http.routers.bitwarden.rule=Host(`vault.xxx.fr`) - traefik.http.routers.bitwarden.entryPoints=websecure networks: - web networks: web: external: true ``` ### Steps to reproduce Run the stack with the `docker-compose` on a machine with CET time. ### Expected behaviour Admin interface show CET time ### Actual behaviour Admin interface show UTC time ### Troubleshooting data --
OVERLORD commented 2026-02-04 23:36:01 +03:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Apr 1, 2021):

The date and time you posted your self are exactly the same.

@BlackDex commented on GitHub (Apr 1, 2021): The date and time you posted your self are exactly the same.
OVERLORD commented 2026-02-04 23:36:03 +03:00
Author
Owner
Copy Link

@xgaia commented on GitHub (Apr 1, 2021):

The date of the host server and the container are the same (CET), but not the date displayed by the interface (UTC)

@xgaia commented on GitHub (Apr 1, 2021): The date of the host server and the container are the same (CET), but not the date displayed by the interface (UTC)
OVERLORD commented 2026-02-04 23:36:07 +03:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Apr 1, 2021):

Could you please provide logs during the attempt to use 2FA?

@BlackDex commented on GitHub (Apr 1, 2021): Could you please provide logs during the attempt to use 2FA?
OVERLORD commented 2026-02-04 23:36:12 +03:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Apr 1, 2021):

That doesn't matter. We convert to UTC only for display

@BlackDex commented on GitHub (Apr 1, 2021): That doesn't matter. We convert to UTC only for display
OVERLORD commented 2026-02-04 23:36:17 +03:00
Author
Owner
Copy Link

@xgaia commented on GitHub (Apr 1, 2021):

aaah, it probably not a problem of time. I'll get the logs and get back to you. Thanks

@xgaia commented on GitHub (Apr 1, 2021): aaah, it probably not a problem of time. I'll get the logs and get back to you. Thanks
OVERLORD commented 2026-02-04 23:36:22 +03:00
Author
Owner
Copy Link

@xgaia commented on GitHub (Apr 1, 2021):

here is the log

[2021-04-01 20:02:28.839][bitwarden_rs::api::core::two_factor::authenticator][ERROR] Invalid TOTP code! Server time: 2021-04-01 18:02:28 UTC IP: xx.xx.xxx.xxx
[2021-04-01 20:02:28.839][response][INFO] PUT /api/two-factor/authenticator (activate_authenticator_put) => 400 Bad Request
@xgaia commented on GitHub (Apr 1, 2021): here is the log ``` [2021-04-01 20:02:28.839][bitwarden_rs::api::core::two_factor::authenticator][ERROR] Invalid TOTP code! Server time: 2021-04-01 18:02:28 UTC IP: xx.xx.xxx.xxx [2021-04-01 20:02:28.839][response][INFO] PUT /api/two-factor/authenticator (activate_authenticator_put) => 400 Bad Request ```
OVERLORD commented 2026-02-04 23:36:26 +03:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Apr 1, 2021):

Just to verify, is the time in your totp device correct?

@BlackDex commented on GitHub (Apr 1, 2021): Just to verify, is the time in your totp device correct?
OVERLORD commented 2026-02-04 23:36:31 +03:00
Author
Owner
Copy Link

@xgaia commented on GitHub (Apr 1, 2021):

yes

@xgaia commented on GitHub (Apr 1, 2021): yes
OVERLORD commented 2026-02-04 23:36:35 +03:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Apr 1, 2021):

Well, i can't think of anything else besides a wrong totp string.

You can't even enable 2fa without validation, so of you did that long before, then something is changed, but there is nothing changed regarding totp at all in the code.

So, i suggest to create a backup just in case, remove your 2fa via the admin interface and re-create the 2fa.

@BlackDex commented on GitHub (Apr 1, 2021): Well, i can't think of anything else besides a wrong totp string. You can't even enable 2fa without validation, so of you did that long before, then something is changed, but there is nothing changed regarding totp at all in the code. So, i suggest to create a backup just in case, remove your 2fa via the admin interface and re-create the 2fa.
OVERLORD commented 2026-02-04 23:36:37 +03:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Apr 3, 2021):

I have tested this with multiple situations, having the server timezone in US (while i'm in EU), even changed my host timezone (Still in sync with UTC offset). As long as the UTC time is correct, i can login using TOTP.

So i really think you either use a wrong TOTP, or something happened with the database and corrupted that string somehow.

@BlackDex commented on GitHub (Apr 3, 2021): I have tested this with multiple situations, having the server timezone in US (while i'm in EU), even changed my host timezone (Still in sync with UTC offset). As long as the UTC time is correct, i can login using TOTP. So i really think you either use a wrong TOTP, or something happened with the database and corrupted that string somehow.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
troubleshooting
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/vaultwarden#1000
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?