Connection to the forum issue
-
Some users are complaining about a connection issue to the forum, we use NodeBB 1.18.6 and here is the log:
Is the problem because of a plugin? Here is our plugin list:
nodebb-theme-persona nodebb-plugin-dbsearch nodebb-widget-essentials nodebb-rewards-essentials nodebb-plugin-composer-default nodebb-plugin-browsing-users nodebb-plugin-calendar nodebb-plugin-osm-map nodebb-plugin-feed nodebb-plugin-sso-facebook nodebb-plugin-sso-twitter nodebb-plugin-sso-google nodebb-plugin-night-mode nodebb-plugin-poll nodebb-plugin-canned-responses nodebb-plugin-audio-embed nodebb-plugin-emoji nodebb-plugin-emoji-one nodebb-plugin-btn-spoilers-yesilkart nodebb-plugin-recent-cards nodebb-plugin-tenor-gif nodebb-plugin-mentions nodebb-plugin-markdown nodebb-plugin-extended-markdown nodebb-plugin-google-analytics nodebb-plugin-customize nodebb-plugin-two-way-block nodebb-plugin-twitter nodebb-plugin-cards2 nodebb-plugin-iframely nodebb-plugin-soundpack-default nodebb-plugin-dwnvtr nodebb-plugin-spam-be-gone nodebb-plugin-embedThanks in advance
-
2022-01-08T20:27:16.640Z [4567/2026] - [31merror [39m: /assets/vendor/server/php/index.php?file=tf2rghf.jpg Error: Login sessions require session support. Did you forget to use `express-session` middleware? at SessionStrategy.authenticate (/home/fsuzer/nodebb/node_modules/passport/lib/strategies/session.js:46:41) at attempt (/home/fsuzer/nodebb/node_modules/passport/lib/middleware/authenticate.js:369:16) at authenticate (/home/fsuzer/nodebb/node_modules/passport/lib/middleware/authenticate.js:370:7) at Layer.handle [as handle_request] (/home/fsuzer/nodebb/node_modules/express/lib/router/layer.js:95:5) at trim_prefix (/home/fsuzer/nodebb/node_modules/express/lib/router/index.js:323:13) at /home/fsuzer/nodebb/node_modules/express/lib/router/index.js:284:7 at Function.process_params (/home/fsuzer/nodebb/node_modules/express/lib/router/index.js:341:12) at next (/home/fsuzer/nodebb/node_modules/express/lib/router/index.js:275:10) at initialize (/home/fsuzer/nodebb/node_modules/passport/lib/middleware/initialize.js:89:5) at Layer.handle [as handle_request] (/home/fsuzer/nodebb/node_modules/express/lib/router/layer.js:95:5)That's an error I haven't seen before. Did you make any changes recently? Is it just some users that are affected by this?
-
@baris Yes, two weeks ago we have upgraded to 1.18.6 from 1.13...
But we have used Cloudflare while setting up, and it did not work well with the forum (https://community.nodebb.org/post/86544) , then last week we have re-installed the forum without Cloudflare...
many users were having connection problems including us with CloudFlare... that is why we had to remove it. After the update (for the past 5 days) so far, several users have complained about this yet, but usually, when someone mentions about a problem, others just wait until the problem is resolved, so I do not know how many people are having the problem.
Additionally, before the upgrade... when you visited the forum on mobile, leave the app (Safari), and then when you come back to the forum, your account was still logged in, however after the upgrade when you visit the app, you are automatically logged off each time.
-
@baris said in Connection to the forum issue:
Error: Login sessions require session support. Did you forget to use
express-sessionmiddleware?we have many of this error in the log:
Error: Login sessions require session support. Did you forget to useexpress-sessionmiddleware?we never had such an error before.
-
It could be due to https://community.nodebb.org/post/80759 since you upgraded from 1.13.x to 1.18.x, there was a major socket.io version change that would cause connection issues until users refresh and get the new socket.io client.
The csrf errors from your pastebin, we are investigating but haven't found a way to reproduce yet. If you put some additional debug logs in the error handler that would help us debug.
You can modify
src/controllers/errors.jsto have the below block.exports.handleErrors = async function handleErrors(err, req, res, next) { // eslint-disable-line no-unused-vars const cases = { EBADCSRFTOKEN: function () { winston.error(`${req.path}\n${err.message}`); console.log(req.session, req.headers); res.sendStatus(403); },Once you get a csrf error in the logs it should show the session/headers info. You can check that to see if it has the csrf_token
-
@baris this is the new log:
-
There is a very recent fix for csrf issues https://github.com/NodeBB/NodeBB/pull/10159
Not sure if this will make any difference in the errors you are seeing though. Specifically the ones related to facebook auth.
2022-01-14T05:15:19.727Z [4567/8739] - [31merror [39m: /forum/auth/facebook/callback?code=xxx&state=yyy Error: We were unable to log you in, likely due to an expired session. Please try again at router.<computed>.req.session.registration (/home/fsuzer/nodebb/src/routes/authentication.js:113:52) at Layer.handle [as handle_request] (/home/fsuzer/nodebb/node_modules/express/lib/router/layer.js:95:5) at next (/home/fsuzer/nodebb/node_modules/express/lib/router/route.js:137:13) at Route.dispatch (/home/fsuzer/nodebb/node_modules/express/lib/router/route.js:112:3) at Layer.handle [as handle_request] (/home/fsuzer/nodebb/node_modules/express/lib/router/layer.js:95:5) at /home/fsuzer/nodebb/node_modules/express/lib/router/index.js:281:22 at Function.process_params (/home/fsuzer/nodebb/node_modules/express/lib/router/index.js:341:12) at next (/home/fsuzer/nodebb/node_modules/express/lib/router/index.js:275:10) at rewrite (/home/fsuzer/nodebb/src/controllers/home.js:26:10) at Layer.handle [as handle_request] (/home/fsuzer/nodebb/node_modules/express/lib/router/layer.js:95:5)Can you reproduce this error when you try to login via facebook?
-
@baris I did not have any problem logging via facebook app. Additionally, there was nothing on the logs...
So, as you have suggested before, I guess we will stop seeing the connection problems when the users delete cookies and start a new session on the browser? Did I understand it correctly?
-
@crazycells Yeah hopefully that's should resolve it.
