[email protected] is always available for development services
[nodebb-plugin-session-sharing] how to install?
-
Hi there, i have installed this plugin to bring my current userbase into a nodebb-forum.
anyways, in the admin-area its shown as activated. but everytime when i start nodebb following error occurs:
[session-sharing] JWT Secret not found, session sharing disabled.
i looked up where it fires this error. its in library.js at line 364. seems like it tries to look inside /NodeBB/src/meta/settings.js for a "session-sharing" object?
my node-server and nodebb are running locally. i have already figured out how to deliver a cookie between those different instances.
did i messed something up in the setup, or do i have to additionally paste some things to specific places?
-
@Pav check the acp for a session sharing settings page under the plugins section.
-
yep, i think there is the problem. because the plugin didn't moved the needed templates into the template-directory. the plugin itself contains all the needed templates and functions, but at the wrong place, so nodebb don't access them?
here is how my admin-control-panel looks like and the consol-output when i click on "Session Sharing":
when i move the template myself into the needed directory, it will show up but stay without functionality
-
@Pav run
./nodebb stop && ./nodebb build && ./nodebb start
and try again -
-
-
@julian It's a NodeJS app. Here is my code. It currently makes the site go down. (I don't know what I'm doing when it comes to the passport module.)
var express = require('express'); var router = express.Router(); var passport = require('passport'); var jwt = require('jsonwebtoken'); ... router.post( '/login', usermw.getUserByBodyUsername, function( req, res, next ) { // The shared login plugin for nodebb expects this JWT-encoded cookie. Here we create it and pass it to the browser... var secretKey = "0281759e-3f80-11e8-b467-0ed5f89f718b"; var payload = { id: req.user._id, firstName: req.user.first_name, lastName: req.user.last_name // iss: "https://www.rebuiltparishassociation.com/", }; var jwtvalue = jwt.sign( payload, secretKey ); res.cookie( 'login', jwtvalue, { /* maxAge: 900000, */ httpOnly: true }); }, passport.authenticate( 'local', { successRedirect:'/about', failureRedirect:'/login', failureFlash: true, failureMessage: "Invalid username or password" } ) );
-
Can't really debug as I don't know your app, but if there's a stack trace, it'll show the problem, likely.
Also you probably want to set the cookie after passport does its local authentication, otherwise a malicious user can attempt to log into an account using a wrong password, but still get a valid jwt, and then log into the nodebb forum under that account.