So after clearing all local data, deleting the session entries via CLI, restarting the server, etc...
I noticed that when I navigated to my forums this morning, I did not use the secure protocol URL I had in my config.json. 💩
SOLVED Failed login attempt, forbidden, invalid csrf token
-
I have a fresh install of NodeBB v0.8.1 on Ubuntu (Microsoft Azure VM). Installation and config went smoothly as well as registering a few initial users, etc.
A few hours later new users as well as myself are consistently getting a
Forbiddenerror when trying to login or register a new account../nodebb logsimply says invalid csrf token for the/registerand/loginroutes.There have been a few other posts on here spanning the last several months regarding invalid csrf tokens. Some hint at solutions involving DNS propogation or resetting the themes.
Using redis-server 3.0.3
Current theme: Persona v2.1.25
Git hash:8ff79af6b916b1741f957968f7cab06b68a406b2Thanks for any ideas.
-
UPDATE
While troubleshooting an issue with the email plugin, we added our site domain in ACP settings > advanced > domain-settings.
Removing these two domains back to their defaults (blank) immediately solved the
invalid csrf tokenissues. -
(can't mark this as Solved ... does a moderator need to do this or are there just issues with Q&A plugin?)
-
Thanks for the update @amarinelli
