csrf token (I tried everything to fix it) [SOLVED]

bonaccorsop

Hello everyone,
I'm facing the well know problem about "csrf token" in login and registering...
I've read a lot of topics about it in this forum and I tried almost everything, except changing proxy...

I'm using:
Node v8.12
NodeBB v1.10.0
Docker
Traefik proxy (for docker)

I've set Traefik to proxy also the injected header field X-FORWARDED-PROTO to https
for Request and Response.

This is an example of response header of the server:

access-control-allow-credentials: true
access-control-allow-origin: https://dev.myforum.com
content-length: 2
content-type: text/html
date: Mon, 01 Oct 2018 07:54:45 GMT
set-cookie: io=7V-i9SkpMxS16NPwAAAJ; Path=/; HttpOnly
status: 200
x-forwarded-proto: https

I noticed that io set the cookie but already expired in 1969...

This is my config.json file:

{
    "url": "https://dev.myforum.com",
	"port": 80,
        "database": "mongo",
        "secret": "34564732-4958-4118-8bb4-da85c061a657",
        "mongo": {
            "host": "x.x.x.x",
            "port": "27017",
            "username": "*****",
            "password": "*****",
            "database": "*****"
        },
        "socket.io": {
            "transports": ["polling"]
        },
	"sessionKey": "express.sid"
    }

My mongo config document is:
(cookieDomain is set to void value)

db.objects.find({_key: 'config'});

// collection: objects
{
	"_id" : ObjectId("5a9449c688a1c2c5b6a98997"),
	"_key" : "config",
	"title" : "NodeBB",
	"showSiteTitle" : NumberInt("1"),
	"postDelay" : NumberInt("10"),
	"initialPostDelay" : NumberInt("10"),
	"newbiePostDelayThreshold" : NumberInt("3"),
	"minimumPostLength" : NumberInt("8"),
	"newbiePostDelay" : NumberInt("120"),
	"minimumTagsPerTopic" : NumberInt("0"),
	"maximumTagsPerTopic" : NumberInt("5"),
	"allowGuestSearching" : NumberInt("0"),
	"allowTopicsThumbnail" : NumberInt("0"),
	"registrationType" : "normal",
	"maximumPostLength" : NumberInt("32767"),
	"allowAccountDelete" : NumberInt("1"),
	"allowFileUploads" : NumberInt("0"),
	"allowLocalLogin" : NumberInt("1"),
	"allowUserHomePage" : "0",
	"maximumFileSize" : NumberInt("2048"),
	"minimumTitleLength" : NumberInt("3"),
	"maximumTitleLength" : NumberInt("255"),
	"minimumUsernameLength" : NumberInt("2"),
	"maximumUsernameLength" : NumberInt("16"),
	"minimumPasswordLength" : NumberInt("6"),
	"maximumSignatureLength" : NumberInt("255"),
	"maximumProfileImageSize" : NumberInt("256"),
	"profileImageDimension" : NumberInt("128"),
	"allowProfileImageUploads" : NumberInt("1"),
	"maximumAboutMeLength" : NumberInt("1000"),
	"teaserPost" : "last",
	"requireEmailConfirmation" : NumberInt("0"),
	"maximumCoverImageSize" : NumberInt("2048"),
	"allowPrivateGroups" : NumberInt("1"),
	"theme:type" : "local",
	"theme:id" : "nodebb-theme-mytheme (deactivated)",
	"theme:staticDir" : "",
	"theme:templates" : "",
	"theme:src" : "",
	"maximumChatMessageLength" : 9007199254740991,
	"trackIpPerPost" : NumberInt("1"),
	"allowGuestHandles" : NumberInt("1"),
	"profile:allowProfileImageUploads" : (1),
	"reputation:disabled" : NumberInt("0"),
	"downvote:disabled" : NumberInt("0"),
	"allowedFileExtensions" : "png,jpg,bmp",
	"customHTML" : null,
	"customJS" : "",
	"min:rep:downvote" : NumberInt("0"),
	"min:rep:flag" : NumberInt("0"),
	"homePageRoute" : "",
	"homePageCustom" : "/intro",
	"homePageTitle" : "",
	"defaultLang" : "it",
	"autoDetectLang" : "0",
	"cookieDomain" : ""
}

What's wrong with my configuration??

Thanks in advance

bonaccorsop

Ok, I solved it by binding a different port from 80 in my config.json:

{
        "url": "https://dev.myforum.com",
	"port": 4567,
        "database": "mongo",
        ...
}

So finally NodeBB set express.sid cookie