Make Private Forum
-
Thanks @baris. I appreciate that you guys are planning to include that feature in the next release. But it's really important that I figure out a temporary solution in the next week. Can you explain how I could tweak the code to this effect:
Upon request to visit any page except /login or /register:
If user is logged in:
send them to the page normally
If user is not logged in:
redirect to /loginThanks a lot!
AaronPS It would be great if posts could preserve spaces. It's hard to write pseudocode, for example, without spaces.
-
@aaron Give this a shot, warning it is hacky. Add the following snippet after this line : https://github.com/designcreateplay/NodeBB/blob/master/src/webserver.js#L431
function loggedIn(req, res, next) { if(req.user && parseInt(req.user.uid, 10)) { return next(); } var allowed = ['config', 'get_templates_listing', '403', 'login', 'register']; if(req.params && allowed.indexOf(req.params.route) !== -1) { return next(); } res.status('403'); res.redirect('/403'); } app.all('/api/:route', loggedIn); app.get('/', loggedIn);
I couldn't manage to redirect to the '/login' page for some reason. Maybe someone else has a better way to do it. This will redirect to 403.
-
Hi @baris, @julian, I got everything working again and gave your solution a try. It succeeded in preventing non-logged in visitors from visiting the home page. But if someone had a direct link to a category page they could still go there. Any other ideas? I'd really like to redirect to a custom welcome page or at least the registration page if possible and it's important that every request (except those to /login or /register gets routed there if the user isn't logged in). I really appreciate your help! You've built a great piece of software.
Best,
Aaron -
File not found · NodeBB/NodeBB
Node.js based forum software built for the modern web - File not found · NodeBB/NodeBB
GitHub (github.com)
You can change that line to
return ajaxify.go('/register');
then all forbidden pages will redirect to register. You can then change the register.tpl file. -
Hi, thanks again @baris.
I just tried:
return ajaxify.go('/register');
It didn't seem to work unfortunately.Additionally, I now realize that the fix I said worked has a problem. While it redirects you to /403 if you type the home address into the browser, the links in the top left (home, recent, users) still work. Any idea how to solve this problem?
Thanks,
Aaron -
Try :
function loggedIn(req, res, next) { if(req.user && parseInt(req.user.uid, 10)) { return next(); } var allowed = ['config', 'get_templates_listing', '403', 'login', 'register']; if(req.params && allowed.indexOf(req.params.route) !== -1) { return next(); } res.status('403'); res.redirect('/403'); } app.all('/api/:route/*?', loggedIn); app.all('/api/:route', loggedIn); app.get('/', loggedIn);
and
return ajaxify('register')
in the template file. That works for me. -
Hmmm...now if I click on those links, all but the header disappears. For example, if I click the users icon, the address changes to /users, but the screen goes blank except for the header.
Is it possible my problems have to do with my Redis store? I'm getting this readout from the terminal where I launched the redis server:
[17580] 04 Feb 17:14:56.496 # Server started, Redis version 2.8.4 [17580] 04 Feb 17:14:56.497 * DB loaded from disk: 0.002 seconds [17580] 04 Feb 17:14:56.497 * The server is now ready to accept connections on port 6379 [17580] 04 Feb 17:15:57.017 * 10 changes in 60 seconds. Saving... [17580] 04 Feb 17:15:57.018 * Background saving started by pid 17592 [17592] 04 Feb 17:15:57.018 # Failed opening .rdb for saving: Permission denied [17580] 04 Feb 17:15:57.118 # Background saving error [17580] 04 Feb 17:16:03.052 * 10 changes in 60 seconds. Saving... [17580] 04 Feb 17:16:03.052 * Background saving started by pid 17596 [17596] 04 Feb 17:16:03.053 # Failed opening .rdb for saving: Permission denied [17580] 04 Feb 17:16:03.153 # Background saving error
-
Make sure your browser cache is disabled when you are testing this.
return ajaxify('register');
works fine for me but I got the same result you described when I triedreturn ajaxify('/register');
.About your redis issue looks like the user redis running under doesn't have permission to write to that location.
-
Thanks. That's what I figured, so I went to the directory with dump.rdb and did
sudo chmod 777 dump.rdb
and this is the output ofls -l
:
total 16
-rwxrwxrwx 1 root wheel 5654 Jan 30 20:26 dump.rdb
Also, I definitely did register, not /register. So not sure what the problem is there.
I appreciate your taking the time to help me out with this!
-
function loggedIn(req, res, next) { if(req.user && parseInt(req.user.uid, 10)) { return next(); } var allowed = ['config', 'get_templates_listing', '403', 'login', 'register']; if(req.params && allowed.indexOf(req.params.route) !== -1) { return next(); } res.status('403'); res.redirect('/403'); } app.all('/api/:route/*?', loggedIn); app.all('/api/:route', loggedIn);
Looks like you don't need the last route. With the above code and the
return ajaxify('register');
in templates.js it redirects to register for me. Let me know if it doesn't work. -
It doesn't work for me. I put that block of code indented after the line:
app.namespace(nconf.get('relative_path'), function () {
I think this might be another caching issue, but it keeps forgetting who I am and I keep having to call
flushall
on the database and doingnode app --setup
again to be able to log in and test it. -
Okay, I figured out the Redis thing. The permissions for dump.rdb were fine. But I had to expand the permissions for the directory they were in (/redis).
Still having the same problem with the app though. The redirect to /register isn't working and I'm getting the white screen minus the nav bar instead of getting routed to /403 or /register.