• Home
  • Categories
  • Recent
  • Popular
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
v3.5.2 Latest
Buy Hosting

Login problems after setup nodebb

Scheduled Pinned Locked Moved General Discussion
12 Posts 4 Posters 4.3k Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • Sobo85S Offline
    Sobo85S Offline
    Sobo85
    wrote on last edited by
    #1

    Sry that I bother you, but I didn't find a solution for my problem via search.
    When I try to login on my nodebb forum (as admin or other registed user) I'll always get returned to the login-page without any hint.
    After several login attempts the admin account get's locked.

    Do you have any advice for me, how to unlock the admin and fix the problem with login?

    Setup:

    Raspberry Pi with Raspbian (NOOBS)
    Redis-Server v2.8.17
    NodeBB v0.5.4

    1 Reply Last reply
    0
  • julianJ Offline
    julianJ Offline
    julian GNU/Linux
    wrote on last edited by julian
    #2

    Oh, a Raspberry Pi, eh?

    Can you try the following:

    1. npm i bcrypt
    2. Go into bcrypt.js and changing require('bcryptjs') to read require('bcrypt')
    1 Reply Last reply
    0
  • Sobo85S Offline
    Sobo85S Offline
    Sobo85
    wrote on last edited by Sobo85
    #3

    The file is located in three different places.
    I edited /var/opt/nodeBB/nodebb/bcrypt.js, restarted nodebb. The problem still exists.

    /home/pi/node_modules/bcrypt/bcrypt.js
    /var/opt/nodeBB/nodebb/node_modules/bcrypt/bcrypt.js
    /var/opt/nodeBB/nodebb/bcrypt.js

    When i tried to login as a registed user:

    Invalid Csrf token

    1 Reply Last reply
    0
  • julianJ Offline
    julianJ Offline
    julian GNU/Linux
    wrote on last edited by
    #4

    @Sobo85 Does it happen all of the time? Or only sometimes?

    1 Reply Last reply
    0
  • Sobo85S Offline
    Sobo85S Offline
    Sobo85
    wrote on last edited by
    #5

    Hi,

    we added two new testusers. They can login without problems. The Admin and the first account we set up are still unable to login. :S Normally we don't see any hint why we couldn't log in so that we are redirected to the login-Page.

    1 Reply Last reply
    0
  • barisB Offline
    barisB Offline
    <baris> NodeBB
    wrote on last edited by
    #6

    Can you check the database to see if they are locked out?

    If you are on redis

    redis-cli
    get lockout:1 //for uid 1
    get loginAttempts:1
    
    1 Reply Last reply
    0
  • RalkageR Offline
    RalkageR Offline
    Ralkage
    wrote on last edited by
    #7

    @Sobo85 said:

    Invalid Csrf token

    I always seem to get Invalid Csrf token when I log into my account (1st main account/admin account) on a new machine lol it's weird as heck lol.

    Raspberry Pi huh? I feel the need to look into this myself. 😮

    1 Reply Last reply
    0
  • Sobo85S Offline
    Sobo85S Offline
    Sobo85
    wrote on last edited by
    #8

    Did a new install and had the same problem.

    But could fix it. On raspbian you have to replace bcyptjs with bcrypt and I guess that this was the reason for the problem (different hashes?!).

    So be aware of the correct install routine.
    In the rootpath of nodebb do the following:

    1. "npm install"
    2. "npm unlink bcryptjs && npm i bcrypt" and change <require("bcryptjs")> into <require("bcrypt")> in the bcrypt.js file (adapted from https://community.nodebb.org/topic/1591/login-not-possible)
    3. "./nodebb setup"
    4. "./nodebb start"
    1 Reply Last reply
    0
  • barisB Offline
    barisB Offline
    <baris> NodeBB
    wrote on last edited by
    #9

    bcrpytjs is a lot slower than bcrpyt so on the raspbian hashing the password was probably taking too long, I think it was taking up to minutes with bcryptjs.

    1 Reply Last reply
    0
  • Sobo85S Offline
    Sobo85S Offline
    Sobo85
    wrote on last edited by Sobo85
    #10

    Yes it took up to 10 minutes. 😉

    If bcryptjs is a lot slower, why are you using it as the default hashing module? What are its advantages in comparison to bcrypt?

    1 Reply Last reply
    0
  • barisB Offline
    barisB Offline
    <baris> NodeBB
    wrote on last edited by
    #11

    The reason we use bcrpytjs is because it requires no compilation and the speed is acceptable on modern hardware. You don't want your password hashing to be super fast either due to security reasons.

    You can still use bcrpytjs on raspbian but you would need to lower the bcrpyt_rounds setting from the default 12.

    julianJ 1 Reply Last reply
    0
  • julianJ Offline
    julianJ Offline
    julian GNU/Linux
    replied to <baris> on last edited by
    #12

    @baris said:

    You can still use bcrpytjs on raspbian but you would need to lower the bcrpyt_rounds setting from the default 12.

    Yeah, either lower the rounds, or if you don't mind compiling it (npm does it automatically), use bcrypt instead.

    1 Reply Last reply
    0

Copyright © 2023 NodeBB | Contributors
  • Login

  • Don't have an account? Register

  • Login or register to search.
Powered by NodeBB Contributors
  • First post
    Last post
0
  • Home
  • Categories
  • Recent
  • Popular
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development