api/admin/upload/file always 401

Martijn Michel

I've implemented several endpoints of my nodebb forum into an app and they work fine. But somehow I can't seem to upload a file because it always gives either a cors error or a 401 unauthorized error

I have no problems with cors on other endpoints.

Can anyone give a good example how to use this endpoint with fetch?

Right now I have: (the image being a base64 string)

return await fetch(Rapi + `post/upload?_uid=1`, {
      method: 'POST',
      body: JSON.stringify({
        files: [image]
      }),
      headers
    }).then((response: any) => response.json());

Martijn Michel

@martijn-michel that url should be Rapi + 'admin/upload/file?_uid=1'
both endpoints dont work

PitaJ

What headers are you passing in? What do you see in the server logs? Where are you sending this fetch request from?

Martijn Michel

@pitaj

let headers = {
  "Authorization": "Bearer -hidden-",
  "Authentication": "Bearer -hidden-",
  'Content-Type': 'application/json;charset=utf-8'
};

I am sending it from a cordova app

PitaJ

l I think you need to provide the X-Csrf-Token

https://github.com/NodeBB/NodeBB/blob/9e07efc126fd69fb03d2b72ba54d5cd12e87faa9/public/src/modules/api.js#L64

Martijn Michel

@pitaj said in api/admin/upload/file always 401:

X-Csrf-Token

ok, and what would be the value of that?

Martijn Michel

ive found this post, but i dont understand how to get a csrf token
https://community.nodebb.org/topic/6932/how-to-get-a-csrftoken-from-an-api-req-object/4