NodeBB ACP-access broken
-
@julian I just pulled the latest and tried again but this issue is still present.
Do you have any clue how to fix or may you provide redis-commands therefor I can give you more information what happens to the user-object.
Otherwise I sadly cannot setup local instance for testing (especially I wanted to try whether gh#1528 is still present).
And a command to drop whole redis-databases would be nice thought. Currently for each try I need use a new db-index...
-
I'm using redis
3.0.2
, nodejs0.12.7
, npm2.13.1
, NodeBB commit65ab5733ef8f6750ea710f490c8c92bea7721bbd
and chromium43.0.2357.134
onx86_64
Arch Linux4.1.2-2
.
Should all be latest within arch-repos.After fresh
git clone
I rannpm i ./nodebb setup ./nodebb dev # same problem when using ./nodebb start, etc.
When accessing NodeBB via browser now and logging in as the admin created within
./nodebb setup
and accessing /admin afterwards the user gets somehow broken and I'm suddenly logged out.
I cannot login afterwards.When using mongodb
3.0.4
(since I know it's cli) the objects-collection contains the following after trying to access /admin: (the user is called "frissdiegurke", for search ;)) http://pastebin.com/wvg7TKXkmaybe you see anything suspicious... I noticed that the user-status is still set to "online".
EDIT: here is the config.json:
{ "url": "http://localhost:4567", "secret": "some uuid...", "database": "mongo", "mongo": { "host": "127.0.0.1", "port": "27017", "username": "nodebb", "password": "secret", "database": "nodebb" } }
so everything quite default values...
-
I've disabled the cache for this (request-header
Cache-Control:no-cache
) but without that the same result: 200.General
Remote Address:[::1]:4567 Request URL:http://localhost:4567/login?local=1 Request Method:POST Status Code:200 OK
Response Headers
Connection:keep-alive Content-Length:6 Content-Type:text/html; charset=utf-8 Date:Sat, 18 Jul 2015 15:13:14 GMT ETag:W/"6-EfazKFv3GoeBHD2tzLexZg" set-cookie:express.sid=s%3AKZKFhtm5od-ur_JBgNkN1mZk-_MgogOF.r%2BamgtRRL1d%2Bun5NbhOxIuBW1W%2FJx7WAv9xp01UorXo; Path=/; Expires=Sat, 01 Aug 2015 15:13:14 GMT; HttpOnly Vary:Accept-Encoding X-Frame-Options:SAMEORIGIN X-Powered-By:NodeBB
Request Headers
Accept:*/* Accept-Encoding:gzip, deflate Accept-Language:en-US,en;q=0.8,de;q=0.6 Cache-Control:no-cache Connection:keep-alive Content-Length:113 Content-Type:application/x-www-form-urlencoded; charset=UTF-8 Cookie:org.cups.sid=6592779d4f2a1725f4c410957b3ffef2; connect.sid=s%3AR0QEUPdPVSiS5tazLC8bkdhtLmjyYEnp.Q5Eucy7fsCVN22WViBWuZaWgmOzhFKrayNvnkdYuleY; express.sid=s%3AKZKFhtm5od-ur_JBgNkN1mZk-_MgogOF.r%2BamgtRRL1d%2Bun5NbhOxIuBW1W%2FJx7WAv9xp01UorXo Host:localhost:4567 Origin:http://localhost:4567 Pragma:no-cache Referer:http://localhost:4567/login?local=1 User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36 x-csrf-token:CgqEiLEc-Cq3OXMXAyRURBWlCuo0Ep_tvsEU X-Requested-With:XMLHttpRequest
Query String Parameters
local:1
Form Data
username:frissdiegurke password:*** remember:on returnTo:http://localhost:4567/login?local=1
I've also tried with other
returnTo
value (http://localhost:4567/tags) but same result 200 and redirect to /login?local=1EDIT: After cleaning cookies (more specific
express.sid
) I can login again but as soon I try to access /admin it's the same all over again. -
The request to /admin itself when logged in (and avatar is showed, etc.) results in a 302 as it seems:
General
Remote Address:[::1]:4567 Request URL:http://localhost:4567/admin Request Method:GET Status Code:302 Moved Temporarily
Response Headers
Connection:keep-alive Content-Length:84 Content-Type:text/html; charset=utf-8 Date:Sat, 18 Jul 2015 15:41:47 GMT Location:/login?local=1 set-cookie:express.sid=s%3ASnR2fDlqTEBDunA6DAyurgERQy9LvZwj.jmjluB9kDCE%2BSEhCtxTpzgcakpjJa%2BKOpuFYYSgtmIo; Path=/; Expires=Sat, 01 Aug 2015 15:41:47 GMT; HttpOnly Vary:Accept, Accept-Encoding X-Frame-Options:SAMEORIGIN X-Powered-By:NodeBB
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding:gzip, deflate, sdch Accept-Language:en-US,en;q=0.8,de;q=0.6 Cache-Control:no-cache Connection:keep-alive Cookie:express.sid=s%3ABq2PBi6iT5jaRQ6Qg3ojLy9PyWB0dRe6.VgpaSnS%2B%2BvdTxoJkxieZgw4ZpOWzUxJZOOH%2BWygCNqw; express.sid=s%3AYryeHEojKdlk3cc9SBmIegkusB9GeJ70.wJ5jXbD5oqvrygsWvUKMbq8mVJGIXrprt%2F%2F3OAH0jn0 Host:localhost:4567 Pragma:no-cache Referer:http://localhost:4567/unread User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36
Maybe the two different
express.sid
request-cookies have sth to do with this o_O -
I've used redis in first place, just switched to mongodb for debugging purpose since I'm not familiar with redis commands.
So everything happens using redis the same way. -
@baris said:
@frissdiegurke Does this happen with node 0.10.x?
Since there is no way to install node 0.10.x (neither iojs, wanted to try this ) without purging my current version I'm not willing to do this.
I've just tried to remove all global installed node_modules (
rm -rf /usr/lib/node_modules
), clean npm cache and reinstallnpm
and my global modules.
But it still didn't fix the problem (fixed some non-related errors though).I'll try on my desktop-pc (also bleeding-edge arch-linux) later this day to see if it works there.
-
You could try installing nvm, which would allow you to "install" Node from within your home directory...
Then you can switch between 0.10, 0.11, 0.12, and even iojs, with a single
nvm use
command.Of course, you do have to
npm rebuild
each time, but that's not so bad. -
@julian well, that's affordable didn't know
nvm
thanks!Using nodejs
v0.10.40
(npm1.4.28
) andnpm rb
within NodeBB root, flushing db and calling./nodebb setup
again... The issue still persists o_OI've also tried the
v0.6.x
branch (using nodejs0.12.x
) where the same issue occurs, so it's definitely no fault within the NodeBB core (unless caused by lately bugfixes within that branch too)...As I said I'll test on desktop-pc later on. Maybe I'll also try around with docker some time (never used it yet, definitely need to xD ).