Failed login attempt, forbidden, invalid csrf token

amarinelli

I have a fresh install of NodeBB v0.8.1 on Ubuntu (Microsoft Azure VM). Installation and config went smoothly as well as registering a few initial users, etc.

A few hours later new users as well as myself are consistently getting a Forbidden error when trying to login or register a new account.

./nodebb log simply says invalid csrf token for the /register and /login routes.

There have been a few other posts on here spanning the last several months regarding invalid csrf tokens. Some hint at solutions involving DNS propogation or resetting the themes.

Using redis-server 3.0.3
Current theme: Persona v2.1.25
Git hash: 8ff79af6b916b1741f957968f7cab06b68a406b2

Thanks for any ideas.

amarinelli

UPDATE

While troubleshooting an issue with the email plugin, we added our site domain in ACP settings > advanced > domain-settings.

Removing these two domains back to their defaults (blank) immediately solved the invalid csrf token issues.

amarinelli

(can't mark this as Solved ... does a moderator need to do this or are there just issues with Q&A plugin?)

julian

Thanks for the update @amarinelli