"error:csrf-invalid," Please Help; Prosze o Pomoc.



  • Hello, Witam,

    I'm experiencing an issue with CSRF tokens.
    The plugin that I'm using is the Steam SSO plugin, and after I log in through Steam, I get this error:

    alt text

    Important:

    • I am running Nginx on Windows.
    • I am running Node JS v10.1.0
    • I am using CloudFlare (see DNS config below)

    In the console, I'm getting this error:
    2018-08-12T04:22:01.135Z [54996] - error: /auth/steam/callback Error: [[error:csrf-invalid]] at router.get.passport.authenticate.successReturnToOrRedirect (E:\MyFolder\Website NodeJS\nodebb\src\routes\authentication.js:75:54) at Layer.handle [as handle_request] (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\layer.js:95:5) at next (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\route.js:137:13) at Route.dispatch (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\route.js:112:3) at Layer.handle [as handle_request] (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\layer.js:95:5) at E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:281:22 at Function.process_params (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:335:12) at next (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:275:10) at Function.handle (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:174:3) at router (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:47:12) at Layer.handle [as handle_request] (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\layer.js:95:5) at trim_prefix (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:317:13) at E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:284:7 at Function.process_params (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:335:12) at next (E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:275:10) at E:\MyFolder\Website NodeJS\nodebb\node_modules\express\lib\router\index.js:635:15

    Here is my config.json:

    {
        "port": ["4567", "4568", "4569"],
        "ssl": {
             "cert": "E:/MyFolder/Website NodeJS/ssl/forums/ssl.crt",
             "key": "E:/MyFolder/Website NodeJS/ssl/forums/key.pem"
        },
        "url": "https://forum.mywebsite.net",
        "secret": "thesecret",
        "database": "mongo",
        "mongo": {
            "host": "127.0.0.1",
            "port": "27017",
            "username": "myusername",
            "password": "thepassword",
            "database": "thedbname",
            "uri": ""
        }
    }
    

    Here is my Nginx configuration:

    upstream io_nodes {
        ip_hash;
        server 127.0.0.1:4567;
        server 127.0.0.1:4568;
        server 127.0.0.1:4569;
    }
    
    server {
        server_name forum.mywebsite.net;
        listen     443 ssl spdy;
    
        ssl_certificate "E:/MyFolder/Website NodeJS/ssl/forums/ssl.crt";
        ssl_certificate_key "E:/MyFolder/Website NodeJS/ssl/forums/key.pem";
    
        # enables all versions of TLS, but not SSLv2 or 3 which are weak and now deprecated.
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    
        # disables all weak ciphers
        ssl_ciphers 'AES128+EECDH:AES128+EDH';
    
        ssl_prefer_server_ciphers on;
    
        # prevents 502 bad gateway error
        large_client_header_buffers 8 32k;
    
        client_max_body_size 2M;
    
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
        proxy_buffering off;
    
        # Socket.IO Support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    
        gzip on;
        gzip_min_length 1000;
        gzip_proxied off;
        gzip_types text/plain application/xml application/x-javascript text/css application/json;
    
        proxy_set_header X-Forwarded-Proto $scheme;
    
        location @nodebb {
            proxy_pass https://io_nodes;
        }
    
        location ~ ^/(images|language|sounds|templates|uploads|vendor|src\/modules|nodebb\.min\.js|stylesheet\.css|admin\.css) {
            root /home/msforum/NodeBB/public/;
            try_files $uri $uri/ @nodebb;
        }
    
        location / {
            error_page 502 =200 @maintenance;
            # prevents 502 bad gateway error
            proxy_buffers 8 32k;
            proxy_buffer_size 64k;
            proxy_pass https://io_nodes;
        }
        location @maintenance {
            root /opt/nginx/maintanance/;
            try_files $uri /index.html =503;
        }
    }
    

    Here is my CloudFlare DNS configuration:

    alt text

    Please help me out 🙂
    Thanks for reading, and thanks in advance!


 

Suggested Topics

  • 2
  • 6
  • 8
  • 6
  • 2
| |