@PitaJ Cool! If the query string only changes on ./nodebb build then "Cache everything" works well. I thought the query string was different for each user or represented some token/cookie. I guess I should have checked how it is generated before posting.
All I find is nodebb-plugin-write-api which is not enough. It doesn't even have login API.I am not familiar with nodejs.And it is not necessary to handle the problems only existing on browser like CSRF.