fresh install, session problem



  • I am getting problems like:
    It looks like your login session is no longer active, or no longer matches with the server. Please refresh this page.
    We were unable to log you in, likely due to an expired session. Please try again.

    The thing is; when I try from my computer, Safari and Chrome does not give error; but Safari on my tablet or Chrome on my phone also give similar sesson problems.

    Setting are:

    Ubuntu 16.04; dedicated server; plesk panel; apache server, nginx proxy.

    CONFIG.JSON

    {
    "url": "https://forum.mydomain.com",
    "secret": "xxxxxxxx",
    "database": "mongo",
    "port": 4567,
    "mongo": {
    "host": "127.0.0.1",
    "port": "27017",
    "username": "nodebb",
    "password": "xxxxxxxxxx",
    "database": "nodebb"
    },
    "type": "literal"
    }

    ON PLESK PANEL:

    Additional nginx directives:

    location ~ / {

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    
    proxy_set_header X-Forwarded-For $remote_addr;
    
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    
    proxy_pass http://127.0.0.1:4567;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    

    }

    Additional apache directives: none

    I have near zero knowledge about nginx settings; so I've copied all things that are advised in similar questions 🙂

    Thanks for your help.



  • the url in your config has to match the fqdn of your site. Also, I don't believe the https is necessary in that config as you are not using https in your nginx config.

    {
    "url": "http://the.exact.url",
    "secret": "xxxxxxxx",
    "database": "mongo",
    "port": 4567,
    "mongo": {
    "host": "127.0.0.1",
    "port": "27017",
    "username": "nodebb",
    "password": "xxxxxxxxxx",
    "database": "nodebb"
    },
    


  • But the site has a certificate from Letsencrypt. I mean, I need to run in https.

    What must I change?



  • aditional info:

    I have added to plesk settings:

    Additional Apache directives:

    Additional directives for HTTP : RequestHeader set X-Forwarded-Proto "http"
    Additional directives for HTTPS : RequestHeader set X-Forwarded-Proto "https"

    Additional nginx directives:
    CHANGED TO: proxy_set_header X-Forwarded-Proto https;

    But still problem persists:

    ./nodebb log
    2018-03-28T20:09:27.120Z [16310] - info: Initializing NodeBB v1.8.1 https://forum.mydomain.com
    2018-03-28T20:09:27.919Z [16310] - info: [socket.io] Restricting access to origin: https://forum.mydomain.com : *
    2018-03-28T20:09:28.053Z [16310] - info: Routes added
    2018-03-28T20:09:28.056Z [16310] - info: NodeBB Ready
    2018-03-28T20:09:28.059Z [16310] - info: Enabling 'trust proxy'
    2018-03-28T20:09:28.061Z [16310] - info: NodeBB is now listening on: 0.0.0.0:4567
    2018-03-28T20:14:37.264Z [16310] - error: /login
    invalid csrf token
    2018-03-28T20:15:56.745Z [16310] - error: /register
    invalid csrf token
    2018-03-28T20:18:01.983Z [16310] - error: /register
    invalid csrf token
    2018-03-28T20:18:06.767Z [16310] - error: /register
    invalid csrf token
    2018-03-28T20:20:12.421Z [16310] - error: /register
    invalid csrf token



  • @seyeran Whatever is in your config.json has to match the URL you are navigating to.



  • @teh_g said in fresh install, session problem:

    @seyeran Whatever is in your config.json has to match the URL you are navigating to.

    Thank you. I am really indebted to you. I was trying to solve it for the last 6-7 hours.

    Solution worked for me is this:
    Permanent 301 redirect from HTTP to HTTPS



  • Still, I have this problem!

    server {
        listen 80;
    
        server_name disnut.com;
    
        location / {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
    
            proxy_pass http://127.0.0.1:4567;
            proxy_redirect off;
    
            # Socket.IO Support
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    }
    

    This is my NGINX Config

    0_1527224687271_Screenshot.png



  • same problem. any updates?


  • GNU/Linux Admin

    Ensure the config.json url matches the url you actually use to navigate to the forum.


Log in to reply
 

Suggested Topics

| |