I think I managed to find the solution to your issue @gorgiselkov I'm guessing you're using IIS but if not it might help as well. Here: https://community.nodebb.org/post/72229

@julian So my site receives "https$mysite$site$com/auth/auth0/callback?code=letternumberjumble&state=letternumbersymboljumble" and responds with a 500. while their site gets "https$forum$antergos$com/auth/auth0/callback?code=letternumberjumble" $ being replaced with the obvious things because the spam defense doesn't let me post things that seem like links yet. If I remove the state I can at least get some better feedback from the backend, though it complains the callback code is wrong (probably because it needs to happen in that first response directly, at least I assume it shouldn't work if merely resent/spoofed later). 2018-05-01T15:30:53.594Z [26584] - error: /auth/auth0/callback TokenError: Invalid authorization code at Strategy.OAuth2Strategy.parseErrorResponse (/data/node_BB/nodebb/node_modules/passport-oauth2/lib/strategy.js:329:12) at Strategy.OAuth2Strategy._createOAuthError (/data/node_BB/nodebb/node_modules/passport-oauth2/lib/strategy.js:376:16) at /data/node_BB/nodebb/node_modules/passport-oauth2/lib/strategy.js:166:45 at /data/node_BB/nodebb/node_modules/oauth/lib/oauth2.js:191:18 at passBackControl (/data/node_BB/nodebb/node_modules/oauth/lib/oauth2.js:132:9) at IncomingMessage.<anonymous> (/data/node_BB/nodebb/node_modules/oauth/lib/oauth2.js:157:7) at emitNone (events.js:111:20) at IncomingMessage.emit (events.js:208:7) at endReadableNT (_stream_readable.js:1064:12) at _combinedTickCallback (internal/process/next_tick.js:138:11) at process._tickCallback (internal/process/next_tick.js:180:9) Don't spend time on it for now, I'll see if I can use a rule on the auth0 site to not send back the state and I'll report back if that works or not.

Hello, I'm working on a SSO integration from a django SSO. In my django project i add 'oauth2_provider' Welcome to Django OAuth Toolkit Documentation — Django OAuth Toolkit 1.2.0 documentation And i get this : On the nodebb side, I started from the plugin https://github.com/julianlam/nodebb-plugin-sso-oauth Which I modified as a result: The config.json file "oauth": { "id": "rs2yEx7aqrj7ZIgVRC9IFL7p0DyIjQwWPST4BqVW", "secret": "6A678EDFqAYtl0sALS5rqk2mfhlBQi0HIgoGH5mPaeIpnZGni8BdOFiv" }, and in the library.js) i change this lignes var constants = Object.freeze({ type: 'oauth2', // Either 'oauth' or 'oauth2' name: 'nodebb_django', // Something unique to your OAuth provider in lowercase, like "github", or "nodebb" oauth: { requestTokenURL: '', accessTokenURL: '', userAuthorizationURL: '', consumerKey: nconf.get('oauth:key'), // don't change this line consumerSecret: nconf.get('oauth:secret'), // don't change this line }, oauth2: { authorizationURL: 'https://beta.esprit-bourse.com/oauth/authorize', tokenURL: 'https://beta.esprit-bourse.com/oauth/token', clientID: nconf.get('oauth:id'), // don't change this line clientSecret: nconf.get('oauth:secret'), // don't change this line }, userRoute: '' // This is the address to your app's "user profile" API endpoint (expects JSON) }), I've never programmed in JS nodes, so I don't really know what to do, and I don't understand all the code. I may have to change the information as indicated. Update profile information (around line 137 of library. js). But there is no user account to use the Oauth system After a git clone, i can't enable the plugin so i think there is something else to change. if someone can help me I will document everything for the link Oauth django/nodeBB. Otherwise, I'll keep the site and forum separate.

Is there any progress on this, as I am also interested in using Drupal with NodeBB.

@livey0u It is just a requirejs module so just require it. require(['components'], function (components) { components.get('user/logout').off('click').on('click', function() { // your custom behaviour here }); });

After uptgarding (reinstallation) of nodebb, this plugins return error and don't work at all. After app starting, I got this warn message: 7/11 12:20 [31705] - warn: [meta/dependencies] Bundled plugin nodebb-plugin-dbsearch not found, skipping dependency check. 17/11 12:21 [31705] - warn: [plugins/nodebb-plugin-sso-github] Hook filter:user.delete is deprecated, please use an alternative 17/11 12:21 [31705] - warn: [plugins/nodebb-plugin-sso-google] Hook filter:user.delete is deprecated, please use an alternative 17/11 12:21 [31705] - warn: [plugins/nodebb-plugin-sso-twitter] Hook filter:user.delete is deprecated, please use an alternative 17/11 12:21 [31705] - warn: [plugins/load] The following plugins may not be compatible with your version of NodeBB. This may cause unintended behaviour or crashing. In the event of an unresponsive NodeBB caused by this plugin, run ./nodebb reset -p PLUGINNAME to disable it. nodebb-plugin-imgur nodebb-plugin-sso-facebook nodebb-plugin-sso-github nodebb-plugin-sso-google nodebb-plugin-sso-twitter nodebb-plugin-composer-redactor nodebb-plugin-custom-pages nodebb-plugin-desktop-notifications nodebb-plugin-rss nodebb-plugin-youtube 17/11 12:21 [31705] - info: [User-Invitations] Initializing User-Invitations... 17/11 12:21 [31705] - info: [plugins/spam-be-gone] Settings loaded 17/11 12:21 [31705] - info: [User-Invitations] Synced settings: defaultInvitations=10, restrictRegistration=0, invitedUsers=[], inviteGroup=registered-users 17/11 12:21 [31705] - warn: [plugin/composer-redactor] Another composer plugin is active! Please disable all other composers. 17/11 12:21 [31705] - info: NodeBB Ready 17/11 12:21 [31705] - info: NodeBB is now listening on: 0.0.0.0:4567 list itemWhen I try to login with Facebook, I got: L’URL fournie n’est pas autorisée par la configuration de l’application.: Une ou plusieurs URL fournies ne sont pas autorisées par les paramètres de l’application. Elle(s) doi(ven)t correspondre à l’URL du site ou du Canevas, ou le domaine doit être un sous-domaine de l’un des domaines de l’application. With googleplus: list item400. That’s an error. Error: redirect_uri_mismatch list itemWith twitter and github I get the same Error. With the ancien version of nodebb, all this sso login worked fine. Please can somone help me to resolve this problem ??

I apologize for such a dirty job.

I've embedded the forum into the iframe of my website and am currently using Facebook SSO. However, whenever I try to log into Facebook, it redirects me to the Facebook page then to my nodebb website after signing in. Does anyone know how to make the Facebook SSO redirect to my website or have the FB login be a popup window?

I'd add some client side code that checks for the cookie existing, and react (redirect) appropriately

Finaly managed to fix 502, needed to use node v4 instead of v6. Still having an issue with this plugin when i try to login : Registration Error int-steam-unexpected-error

Hey has anyone looked into building a plugin that allows users to login with their Spiceworks account. Spiceworks have documented all the info required here on their Github site: https://spiceworks.github.io/developers.spiceworks.com//documentation/share/#login_with_spiceworks. With a 6 Million strong user base, this could be very handy.

In nodebb: Admin > Location & APIs > SSO > Twitter > Add new api token. In Twitter: (User menu > Settings > API > generate SSO.

As an addendum, I'm not going to lie, configuring an OAuth2 provider is rage-inducing. You may want to consider a "login-override" instead, which would allow you to verify user credentials via the username/password login box on NodeBB, effectively bypassing NodeBB's username/password check in favour of your own:

@Macrow-Willson , ah setup: apache,debian,mod_proxy

@pichalite I am still confused that. it need update after install. But our node_module files always in ignore... so I don't thinks it's a good way to put plugs into node_module....

i also added this code to load default preferences (inside the "success" function when creating a new user) User.setSetting(uid, 'dailyDigestFreq', 'week', null); User.setSetting(uid, 'notificationSounds', 1, null); User.setSetting(uid, 'followTopicsOnCreate', 1, null); User.setSetting(uid, 'followTopicsOnReply', 1, null); User.setSetting(uid, 'sendChatNotifications', 1, null);

I run NodeBB on a CentOS server, which is a Hyper-V virtual machine. And I pass requests via a IIS server with ARR. I'm sure it works fine with websocket. It works OK when I have few members. But, when I put it online, I get something strange: members on my site sometimes logged in as others. Let me describe it more clearly : my username is oott123 as you can see, but after I visit some pages, or logged in after some while, I can see someone else 's avatar displayed on the top right corner. If I post a topic , the author will be he, not me. All of my operations seems operated by others. My code is here: https://gist.github.com/oott123/66a507a2cadbb26415aa I want to get the CIVITAS-Authentication cookie which has been setted by other applications without error; then send it to my API server to get email identified by CIVITAS-Authentication; then logged the user in. I think the problem is caused by the code around line 86 or 143. I even thinked about it's caused by async or node.js event loop, orz. There's some Chinese character in the comments, but you can ignore it. Thanks a lot for help me , and sorry for my poor English again. -- @a_5mith So do you still remember me at Topic 2593 ? I just really love NodeBB, so I hope there's some way to help me troubleshot it .

Yay, another entry into the contest