This is an old post, but have you found a solution? I have the exact same problem. I need a new user to be redirected to profile edit page to enter the email address.
I run NodeBB on a CentOS server, which is a Hyper-V virtual machine. And I pass requests via a IIS server with ARR. I'm sure it works fine with websocket.
It works OK when I have few members. But, when I put it online, I get something strange: members on my site sometimes logged in as others.
Let me describe it more clearly : my username is oott123 as you can see, but after I visit some pages, or logged in after some while, I can see someone else 's avatar displayed on the top right corner. If I post a topic , the author will be he, not me. All of my operations seems operated by others.
My code is here: https://gist.github.com/oott123/66a507a2cadbb26415aa
I want to get the
CIVITAS-Authentication cookie which has been setted by other applications without error; then send it to my API server to get email identified by
CIVITAS-Authentication; then logged the user in.
I think the problem is caused by the code around line 86 or 143. I even thinked about it's caused by async or node.js event loop, orz.
There's some Chinese character in the comments, but you can ignore it.
Thanks a lot for help me , and sorry for my poor English again.