nodebb for oauth authentication

General Discussion

Suggested Topics

  • 0 Votes
    1 Posts


    Thanks for the amazing forum platform.

    I am currently working on the Laravel website with forum as a part of the website, and I have chosen nodebb as forum platform. I am really new to SSO, and I don’t have much knowledge about node.js, and even mongo database. And I am not English, so if there is anything I am not really explaining well, please let me know.

    Firstly, I am not sure what I want to achieve is possible. Ideally, after Laravel website (localhost:8000) user login, then clicked the forum link (nodebb – localhost:4567), then nodebb could login the Laravel user without login confirmation. The situation sounds like, I have already login with google account, when I try to login, nodebb community won’t ask me the login confirmation to login. I am not sure whether it is able to achieve, because it means a website user try to login another website without providing any information, even a token.

    Secondly, in another case, it could be that a Laravel user login nodebb forum, and give auth to nodebb forum, then the user can login nodebb forum with Laravel user details. I have done a bit of research online, I think that I should expose my nodebb application to OAuth2orize ( I have installed the OAuth2orize by running npm install oauth2orize, but after that I don’t know what else I should do, it said to create a OAuth server, but I have no idea where I should create this server, or where I could register grants, and do I need to do anything with Laravel site?

  • 0 Votes
    20 Posts

    With all respect to the topic, the wekeast point of NodeBB is its unfriendly monetization options for webmasters, which keeps several people away from it. Missing app support is also something to mention, but for most webmasters money goes first.

  • 0 Votes
    2 Posts

    Hmm. I figured it out. My miniscule understanding of iptables does not allow me to explain this, but if I move the rule for port 4567 up in the chain, it works. I thought they should just be going down the chain rules. Missing something here. Anyway, the issue seems to be resolved. If someone could explain why - this would be interesting to know.

    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination
    2590K 1747M ACCEPT all -- * * state RELATED,ESTABLISHED
    159 13356 ACCEPT icmp -- * *
    222 13300 ACCEPT all -- lo *
    25 1420 ACCEPT tcp -- * * state NEW tcp dpt:22
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:4567
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:2080
    54 2736 ACCEPT tcp -- * * state NEW tcp dpt:443
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:1002
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:5666
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:8140
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:4545
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:5222
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:5269
    574 45099 ACCEPT udp -- * * state NEW udp dpt:161
    0 0 ACCEPT udp -- * * state NEW udp dpt:162
    11540 1407K REJECT all -- * * reject-with icmp-host-prohibited
    0 0 ACCEPT tcp -- * * tcp dpt:6379
    0 0 ACCEPT tcp -- * * state NEW tcp dpt:80

  • Nodebb reset itself?

    General Discussion
    0 Votes
    2 Posts

    I found a fix. It was an error in nodebb. When I did ./nodebb setup I made a typo in the port.. oops .-.

    Anyway its all good now.

  • 0 Votes
    10 Posts

    if you're trying to embed nodebb on another site (i.e., the nodebb instance domain ISN'T your website's domain), you'll have to contend with CSP headers. just a heads up.

    if you have full control of the server on which your nodebb instance is hosted, you could set up a simple reverse proxy with nginx, point it to whatever port nodebb is listening on, and set the headers to something lax that way. config below.

    server { listen localhost:4000 ssl; server_name localhost; ssl_certificate /etc/nginx/ssl/localhost.crt; ssl_certificate_key /etc/nginx/ssl/localhost.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'AES128+EECDH:AES128+EDH'; ssl_prefer_server_ciphers on; location /forum { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; client_max_body_size 100M; proxy_pass; proxy_redirect off; proxy_intercept_errors on; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_hide_header content-security-policy; proxy_hide_header x-frame-options; add_header content-security-policy "default-src * 'unsafe-eval' 'unsafe-inline' 'self' 'inline' 'http://*.*'"; } }

    you can append whatever domains you'd like to the 3rd to last line (the one that starts with add_header ...), though you shouldn't need to, since the * should whitelist all origins.

    you might ask, “what legitimate use would there be for this?!?”
    in my particular case, it's nice for local development — where your nodebb instance is already running elsewhere but you want to embed it in the site you're developing on your PC.