NodeBB logged in user details api endpoint

Technical Support
  • Hi,

    I am a relatively new web developer, and wanted to know whether this was a good enough approach to my problem.

    I have nodebb forums running on a subdomain, and want some of the details of the logged in user to be available to my main domain. I do not want a full fledged sso system or something like that, as I want minimum hassle. I was thinking of the following method, and wanted whether this is feasible from a technical and security point of view.

    I was thinking of setting '.example.com' for my express cookie session so it is available on my main domain. From there, I can use this cookie to make a cURL request to a custom api endpoint on my forums, which basically returns the users details if the cookie can be authenticated.

    I hope someone can help me, as I am unsure from a security point of view whether it is feasible.

    Thanks


Suggested Topics


  • 0 Votes
    2 Posts
    202 Views

    Looks like the version of spam-be-gone on try.nodebb.org needs to be updated, the issue was fixed here https://github.com/akhoury/nodebb-plugin-spam-be-gone/commit/0872198eddd3f9e1bfc137be2e747ea8c58cca5a

  • 0 Votes
    5 Posts
    2k Views

    The key format is sess:id, where id matches the value found in express.sid

  • best OS for NodeBB

    Technical Support
    0 Votes
    15 Posts
    4k Views

    In this time I have run Nodebb on /Debian8/Arch/Ubuntu16/ and all runs perfect especially I liked work on arch cuz in arch very small load on ram and nodebb work faster/ but I have problem with plugin , they disappear))) when I install new plugin another plugin was lost and delete himself/ I have this problem on arch and Debian 8 / and only on Ubuntu 16 all work perfect, but Ubuntu have many processes on System wich load common system/

  • 0 Votes
    16 Posts
    5k Views

    @felirami I have it almost working properly on Digital Ocean, see if it works for you https://github.com/doppioslash/docker-builds

    My problem is, it's not answering on port 80 from my custom domain, even though it's exposed.

  • 0 Votes
    6 Posts
    2k Views
    I'm updating any plug-in. I'm throwing reset the system. Then I get a 502 error. Log as follows. Upgrade learn everything by going into the past.

    [cluster] Child Process (14718) has exited (code: 0, signal: null)

    24/8 12:32 [25466] - info: Time: Mon Aug 24 2015 12:32:01 GMT-0400 (EDT)

    24/8 12:32 [25466] - info: Initializing NodeBB v0.7.3

    Warning: Redis server does not require a password, but a password was supplied.

    Warning: Redis server does not require a password, but a password was supplied.

    Warning: Redis server does not require a password, but a password was supplied.

    [outdated] nodebb-plugin-composer-default v1.0.11, requires 1.0.9

    24/8 12:32 [25466] - warn: One or more of NodeBB's dependent packages are out-of-date. Please run the following command to update them:

    24/8 12:32 [25466] - warn: ./nodebb upgrade

    [cluster] Child Process (25466) has exited (code: 0, signal: null)