• Hi all, i'm currently developing a plugin and i need to authorize another session from an express route i setup for a callback an externall app calls. From the call i'm getting i'm doing this:

    			let fakeReq = {
    				sessionID: sessionId,
    				ip: sock.remoteAddress,
    				useragent: useragent.parse(sock.request.headers['user-agent']),
    				session: {}
    			authenticationController.onSuccessfulLogin(fakeReq, data.uid, 
                                function (err) {
    				if (err) {
    					console.log('ERROR', err)
    				} else {

    Now, i'm getting the ["checkSession", 2] message on the remote websocket and a YAY on my dev console, but NodeBB goes nuclear into it giving a message about session not matching and reloading the page.

    What should i do to "fake" the login in this case?

    EDIT: The sock gets identified by the app callback and i extract it from the server eio client list.

  • Global Moderator Plugin & Theme Dev

    What is the purpose of doing this? Maybe there's a better way.

  • Trustless login.

    Basically, using an app that sends a pubkey signed message to NodeBB out of band.

  • Global Moderator Plugin & Theme Dev

    Have you looked into how nodebb-plugin-session-sharing works?

  • Will check, thanks for the pointer

  • It seems require('socket.io').reqFromSocket(socket) doesn't returns a valid req for AuthController.doLogin.... i want to authenticate via websocket but maybe i will have to do it the old POST way, am i correct?

Suggested Topics

| | |

© 2014 – 2022 NodeBB, Inc. — Made in Canada.