@Rasmus said in Restrict guest access to forum:
signing up as guest
I think this might be the crux of your problem. You can't sign up as a guest, you're a guest when you don't log in.
Permition for Cross domain access
-
Hi I am working with nodebb write api plugin ... I can access the get/post request from postman as well but from my another localhost golang application http://127.0.0.1:9004 I can not access the post request. It shows error every time .
error:
401 Unauthorized 401 HTTP/1.1 1 1 map[ Access-Control-Allow-Headers:[Access-Control-Allow-*] Connection:[keep-alive] Content-Length:[115] Content-Security-Policy:[frame-ancestors 'self'] Content-Type:[application/json; charset=utf-8] Date:[Tue, 22 Dec 2020 05:00:55 GMT] Etag:[W/"73-qguwqDaxOp5T4EAjXF5td/L+gH4"] Expect-Ct:[max-age=0] Referrer-Policy:[strict-origin-when-cross-origin] X-Content-Type-Options:[nosniff] X-Dns-Prefetch-Control:[off] X-Download-Options:[noopen] X-Frame-Options:[SAMEORIGIN] X-Permitted-Cross-Domain-Policies:[none] X-Powered-By:[Upskill] X-Xss-Protection:[0] ] 0xc000292f00 115 [] false false map[] 0xc000161500 <nil> -
@mahidul-moon this is from Golang server code right? Can you share your code and what your request looks like coming out of Golang?
-
As @pitaj says, some code example from your end would be helpful.
A
401 Unauthorizedindicates something is wrong with the request (maybe missing or incorrect bearer token) -
@julian from postman I didn't pass any bearer token same request is passing through golang code
-
@pitaj yes of course
data := map[string]string{"name" : group.Name} jsonData,_ := json.Marshal(data) url = models.Domain+"/api/v2/groups/" res,err := http.Post(url, "application/json", bytes.NewBuffer(jsonData)) if err != nil{ fmt.Println(err) }else{ fmt.Println(res) } -
@mahidul-moon you'll have to pass a bearer token in, otherwise it won't know what user to act as
-
@julian ok thanks ... I will try and let's see what happend
-
@julian is this a master token ? or just any token generated by user id?
-
@mahidul-moon You can generate either a master or a user token, up to you. You can do so from the ACP.
-
@julian but without any bearer token how is it working in postman?
-
@mahidul-moon good question, it is because Postman automatically sends the browser cookie if it detects one
It's actually really annoying how postman does that...
