Can't login anymore

After isued invenio-cli run --host --port 5000 to allow different machine to access inveniordm via web browser, i can’t log in anymore. Each time i try, just have blank page with Host x.x.x.x:5000 is not trusted even with
I also modified invenio.cfg and emptied the APP_ALLOWED_HOST list.
Can someone have an idea ?

and emptied the APP_ALLOWED_HOST list

Why did you set that configuration to an empty string? You need to whitelist all the allowed host, this is a security measure. See:

If you really want to whitelist everything, try with APP_ALLOWED_HOSTS = ['*'].

I followed your instruction and try APP_ALLOWED_HOSTS = ['*'], but i got the same error.
Sorry i’m not familiar with python. I want to know if there is a way, in development mode to allow different machines to connect to the server, log in and manage there account.

This is for development only, never use this in production: try to put APP_ALLOWED_HOSTS = False, it should disable the check.

This is what i got

Traceback (most recent call last):
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/", line 2091, in __call__
    return self.wsgi_app(environ, start_response)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/middleware/", line 187, in __call__
    return, start_response)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/middleware/", line 78, in __call__
    return app(environ, start_response)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/", line 2076, in wsgi_app
    response = self.handle_exception(e)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/", line 2073, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/", line 1518, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/", line 1516, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/", line 1502, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_security/", line 230, in wrapper
    return f(*args, **kwargs)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_security/", line 117, in register
    if form.validate_on_submit():
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_wtf/", line 86, in validate_on_submit
    return self.is_submitted() and self.validate()
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/wtforms/", line 318, in validate
    return super(Form, self).validate(extra)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/wtforms/", line 150, in validate
    if not field.validate(self, extra):
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/wtforms/fields/", line 226, in validate
    stop_validation = self._run_validation_chain(form, chain)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/wtforms/fields/", line 246, in _run_validation_chain
    validator(form, self)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_security/", line 138, in validate_next
    if and not validate_redirect_url(
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_security/", line 275, in validate_redirect_url
    url_base = urlsplit(request.host_url)
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/", line 97, in __get__
    value = self.fget(obj)  # type: ignore
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/sansio/", line 236, in host_url
    return get_current_url(self.scheme,
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/", line 97, in __get__
    value = self.fget(obj)  # type: ignore
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/sansio/", line 243, in host
    return get_host(
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/sansio/", line 98, in get_host
    if not host_is_trusted(host, trusted_hosts):
  File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/sansio/", line 35, in host_is_trusted
    for ref in trusted_list:
TypeError: 'bool' object is not iterable

I guess it’s because of APP_ALLOWED_HOSTS = False

Yes, most probably, I thought it was working.
The easiest is then, always only for development purposes, setting the hostname or IP of your server: if you are reaching your server in your browser with or IP address:
Make sure that you restart any server that you have running.

I did APP_ALLOWED_HOSTS = ['myserverprivateip'] but i have to run invenio like this invenio-cli run --host myserverprivateip --port 5000 to make it working properly

I have just tried and for me it works correctly, login included. My config:
APP_ALLOWED_HOSTS = ['', 'localhost', '', '194........'] # 194.... is my IP address

I started the server with:
invenio-cli run --host --port 5000

I opened my browser to the URL https://194.....:5000