[nodebb-plugin-write-api] Trouble when trying to add new user using the Write-API Plugin and CURL
-
Hi everybody,
After installing the Write-API Plugin under NodeBB, and after that I generated a MASTER_TOKEN using the interface,
I'm trying to add a new user in my distant NodeBB installation using CURL in a command console with the following command :curl -v --insecure -H "Authorization: Bearer MASTER_TOKEN_HERE"
--data "_uid=1&username=SomeUsername&password=SomeWord&email=toto@gmail.com"
https://myinstance.nodebb.com/api/v1/usersBut I get the answer
"Cannot POST /api/v1/users"
Could someone help me to fix this ?
Thank you very much !!
-
Hello there -- just got back from out of country, so apologies if you've been struggling with this awhile:
It doesn't look like you specified a proper URL in the cURL command...
-
Hello @julian Thank you for your answer. Could you be more precise when you say that "it doesn't look like I specified a proper URL in the cURL command" ?
Are you talking about the URL "https://myinstance.nodebb.com/api/v1/users" ? What's the problem concerning this URL, according to you ?
I must precise that in my URL, myinstance is the name of my official instance under nodebb. So, there isn't any problem on that point.
-
@Tanguy-Bodin-Hullin If you don't wish to publicise your instance here, can you send me it via private message?
-
When I use the same command using unsecured HTTP, it's working, and the new user is added to NodeBB. But in HTTPS it doesn't. So, could it be a problem with your SSL certificate ?
-
Ah yes, that'd be it
By default our hosted instances don't have SSL configuration options set. Would you like SSL termination enabled for your account? It is included in your monthly hosting costs.
-
Yes !!
Thank you very much 
(I'm thinking that it would be useful that the API-Write plugin sends a message "SSL is not activated" in that case, because we spend some time trying to understand that problem).
-
Keep in mind if you use your own domain, you are responsible for the cost of the SSL cert. If you want to continue using our domain (
.nodebb.com), then we can set it up for you.
-
Yes, it's ok, and thank you for these information, and we would like SSL to be set up on the xxxxx.nodebb.com domain.
-
@julian A good reminder, Lets Encrypt comes out in ~3 weeks.
-
@Kowlin said:
@julian A good reminder, Lets Encrypt comes out in ~3 weeks.
Too bad our wildcard cert expires before then
Edit: Actually, I just checked again, it expires a month from now, but afaik Let's Encrypt won't issue Wildcards just yet, so I renewed anyway. Those bloodsuckers have gotten me for another year!
-
Now, when I'm just sending the following url from Chrome : https://xxxxxxx.nodebb.com/api/v1/users
I get the message
{"code":"upgrade-required","message":"HTTPS is required for requests to the write api, please re-send your request via HTTPS","params":{}}I receive the same message with the precedent CURL command (given in the first post)
-
Can you try disabling the option to require https in the write api? As you're using https, it seems like that detection isn't quite working as it should...
-
Thank you.
I did disable the option in the API-write module, and now it's working in a shell terminal when I send the above CURL command.
But when I try to use CURL in HTTPS within my PHP program,
I get this message (401) : A valid login session was not found. Please log in and try again.
I don't understand why I get this message, because :- I'm sending the Master token in the Header by calling the PHP function curl_setopt with the option CURLOPT_HTTPHEADER
- I try to send the credentials (login/password) by calling the PHP function curl_setopt with the option CURLOPT_USERPWD and login/password.
