This might be just me, but I wouldn't be loading that under root directory. Create a new user and use that for nodebb location under home location. As to nodebb not showing up. What does your nodebb config, and nginx config look like? I don't know what you mean by debian comes with nginx already. Sure might be in the repo but shouldn't come installed, Unless a script you ran installed it for you.
https SSL issue invalid csrf token
-
I'm using AWS EC2 instance with Apache2, my config.json looks like below
{
"url": "https://app.mysite.com:4567",
"secret": "b75e7387-3d2a-487b-8b14-2c2c0c01c6fe",
"database": "mongo",
"mongo": {
"host": "127.0.0.1",
"port": "27017",
"username": "careerwaze",
"password": "careerwaze",
"database": "forums"
}
}
When i'm running with this configuration using "https://", getting "Login Unsuccessful We were unable to log you in, likely due to an expired session. Please try again" ie. invalid-csrf-token error. Here no of sessions are creating for one login.26/7 09:31 [26144] - error: /login
invalid csrf tokenWhen accessing with the below config.json i.e with "http://"
{
"url": "http://app.mysite.com:4567",
"secret": "b75e7387-3d2a-487b-8b14-2c2c0c01c6fe",
"database": "mongo",
"mongo": {
"host": "127.0.0.1",
"port": "27017",
"username": "careerwaze",
"password": "careerwaze",
"database": "forums"
}
}
Its logging correctly only one session object is creating. When logout the application it logging out successfully.
But when i'm using session sharing plugin to login from other application using "JWT" its logging in correctly, but when trying to logout its not working. Here session is deleting but immediately when i'm clicking refresh it again showing the same user.I have tried all the possible combination while setting the cookie domain in session sharing plugin.
.mysite.com
*.mysite.com
mysite.com
app.mysite.com -
@santoshkumarr You need to change the URL to https://app.mysite.com if that is the URL you are using in the browser.
-
@teh_g As explained above we tried that one too, by adding https in config.json.
In this case unable to login getting Login Unsuccessful We were unable to log you in, likely due to an expired session. Please try again" ie. invalid-csrf-token error.Same time no of sessions are creating in sessions model
-
try removing the port (:4567)
-
@adam-poniatowski this is not working, if i remove 4567 then it will access my parent web application, from where i'm accessing forum applicaiton
-
Ensure that if you're using https in
config.json, that all http urls are redirecting to their https equivalents. -
@julian how can we check whether it is passing to https equivalents or not. Any where i need to configure that?
-
You configure this in nginx
-
@julian we are using apache2 to host nodebb
-
You can configure it in apache as well
