Community

Upgrading to 6.0... CSRF token error. [solved]

General Discussion
  • K

    @a_5mith
    yep, while trying to install 6.0 it broke the whole website. lol. How do I downgrade?

    A 1 Reply
    0
  • julianJ

    Depends how it broke. If you've upgraded the database, there is no going back unless you backed up your database before upgrading.

    What errors do you see? Most likely a plugin you installed needs upgrading.

    0
  • A

    @kevin as Julian said (and me in my first post actually), you don't. That's why its considered unstable/development. Look through your logs, for where it failed and post here. It will say something like can not find x of undefined or something, then the line below will be the location, if the location is a plugin you've installed, run npm install [email protected]

    Do this for each error.

    0
  • K

    I cant log in, I just get "Failed login attempt, please try again. Forbidden"

    24/11 21:47 [3644] - error: /login
 Error: invalid csrf token
at module.exports (/root/nodebb/node_modules/csurf/node_modules/http-errors/index.js:32:16)
at verifytoken (/root/nodebb/node_modules/csurf/index.js:237:11)
at csrf (/root/nodebb/node_modules/csurf/index.js:100:7)
at Layer.handle [as handle_request] (/root/nodebb/node_modules/express/lib/router/layer.js:82:5)
at next (/root/nodebb/node_modules/express/lib/router/route.js:100:13)
at Route.dispatch (/root/nodebb/node_modules/express/lib/router/route.js:81:3)
at Layer.handle [as handle_request] (/root/nodebb/node_modules/express/lib/router/layer.js:82:5)
at /root/nodebb/node_modules/express/lib/router/index.js:235:24
at Function.proto.process_params (/root/nodebb/node_modules/express/lib/router/index.js:313:12)
at /root/nodebb/node_modules/express/lib/router/index.js:229:12

    and also can't register either.

    24/11 22:39 [1094] - error: /register
Error: invalid csrf token
at module.exports (/root/nodebb/node_modules/csurf/node_modules/http-errors/index.js:32:16)
at verifytoken (/root/nodebb/node_modules/csurf/index.js:237:11)
at csrf (/root/nodebb/node_modules/csurf/index.js:100:7)
at Layer.handle [as handle_request] (/root/nodebb/node_modules/express/lib/router/layer.js:82:5)
at next (/root/nodebb/node_modules/express/lib/router/route.js:100:13)
at Route.dispatch (/root/nodebb/node_modules/express/lib/router/route.js:81:3)
at Layer.handle [as handle_request] (/root/nodebb/node_modules/express/lib/router/layer.js:82:5)
at /root/nodebb/node_modules/express/lib/router/index.js:235:24
at Function.proto.process_params (/root/nodebb/node_modules/express/lib/router/index.js:313:12)
at /root/nodebb/node_modules/express/lib/router/index.js:229:12
    K 1 Reply
    0
  • K

    Fixed. Had to remove all the <input CSRF> references in login.tpl, register.tpl and the header.tpl.

    0
  • julianJ

    @kevin It sounds like your vanilla and lavender theme packages were not updated along with core.

    1
  • ShardS

    Oho! That might be the issue with my plugin as Im running a sloppily forked theme.

    1
  • ShardS

    Sadly, i don't seem to be able to verify this. But it was a good excuse to prune presently duplicate files from my theme.

    It appears that something has broken my plugin as well as the imgur plugin I based it on.

    I suspect this error is relevant

    warn: [hotswap] Could not find router in stack with hotswapId auth

    or this one:

    warn: [hotswap] Could not find router in stack with hotswapId plugins

    I'm still digging through the plugin changes.

    Running HEAD as of about half an hour ago.

    0
  • ShardS

    https://community.nodebb.org/topic/2750/new-relic-nodejs-agent-is-not-compatible-with-nodebb-forum/3

    Doh.

    0
  • ShardS

    And yes, cleaning out the stale, stray files from when I originally cloned off of vanilla fixed the csrf issues I was having.

    0

Suggested Topics

Copyright © 2023 NodeBB | Contributors