NodeBB logged in user details api endpoint

Technical Support
  • Hi,

    I am a relatively new web developer, and wanted to know whether this was a good enough approach to my problem.

    I have nodebb forums running on a subdomain, and want some of the details of the logged in user to be available to my main domain. I do not want a full fledged sso system or something like that, as I want minimum hassle. I was thinking of the following method, and wanted whether this is feasible from a technical and security point of view.

    I was thinking of setting '.example.com' for my express cookie session so it is available on my main domain. From there, I can use this cookie to make a cURL request to a custom api endpoint on my forums, which basically returns the users details if the cookie can be authenticated.

    I hope someone can help me, as I am unsure from a security point of view whether it is feasible.

    Thanks


Suggested Topics


  • 0 Votes
    2 Posts
    434 Views
  • 0 Votes
    1 Posts
    961 Views
  • 0 Votes
    28 Posts
    11218 Views
  • nodebb.conf is blank

    Technical Support
    0 Votes
    12 Posts
    2334 Views
  • 3 Votes
    3 Posts
    1901 Views