Session Mismatch errors

razibal

I've gone through some of the previous topics on this subject but haven't found an answer that fits yet. I'm geting periodic reports of users getting the "Session Mistmatch" error along with the "Your connection was lost" message. This instance of nodeBB is routed through Cloudflare and flushing the CF cache gets rid of the errors. Any suggestions on where to look for the root cause? Any ideas on how to provoke ths error on demand would be much appreciated so I can identify and test the fix.

I am using the Session Sharing plugin, but it appears that this issue occurs because some request is getting cached by CF rather than at the origin as the request never makes it to nodeBB.

razibal

I've put in a cache rule to bypass caching when the path contains socket.io

(http.request.uri.path contains "/socket.io")

Hopefully this fixes the intermittent problem, but it would be nice to be able to validate and test the fix.

julian

@razibal It might be good to know what your CF-specific settings are for the site.

The session mismatch error shows up if when the frontend does a checkSession call, the server returns with a different uid.

It may be worth adding a debug log at that point (public/src/sockets.js line 89), and having your users tell you what uid is returned.

Outside of CF, it might be something as simple as the session is expiring too quickly.

razibal

@julian I'll add the debug log, however since the main site already uses datadog for logging/RUM (Real User Monitoring), I think this would be a good opportunity to add the embedded nodeBB instance to datadog.
It looks like datadog has a winston module datadog-winston. Any suggestions on the best place to integrate this without having to modify core?

julian

@razibal It looks to be that this module adds a new logger to winston. There's no specific place it needs to be.

For example you could just put it in a custom plugin:

const winston = require.main.require('winston');

// below... copied from their readme

var DatadogWinston = require('datadog-winston')
 
var logger = winston.createLogger({
  // Whatever options you need
  // Refer https://github.com/winstonjs/winston#creating-your-own-logger
})
 
logger.add(
  new DatadogWinston({
    apiKey: 'super_secret_datadog_api_key',
    hostname: 'my_machine',
    service: 'super_service',
    ddsource: 'nodejs',
    ddtags: 'foo:bar,boo:baz'
  })
)

razibal

@julian I ended up adding the datadog RUM and logger scripts to the header.tpl of my custom theme.

The user sessions are now visible in the datadog UI and any requests for checkSession are logged.

I haven't had any reports of errors since I added a cache bypass for /socket.io . Hopefully, if this occurs again I'll have the logs as well as any untrapped errors visible in the RUM sessions.

razibal

It finally happened again, Looks like app.user.uid doesn't match the logged in user uid as app.user.id is set to 0 while the uid is 2.
It all starts working again as soon as I flush the Cloudflare cache.
Where are the app values gettting set?