See this topic for breaking changes in 1.19.0 https://community.nodebb.org/post/86172. You can rename middleware.authenticateOrGuest to middleware.authenticateRequest
Get current user session
-
Hi,
So we're planning on switching from Discourse to NodeBB (currently sorting out a new set of forums ready for release). While NodeBB has been amazing so far, we've come into struggles with using a NodeBB account externally. In Discourse you can do http://example.com/session/current.json and get the current viewers user information. But with NodeBB we're unable to actually find a way of doing it.
I've tried looking around the NodeBB GitHub but found nothing. I have also tried making a plugin for it, but can't get it to work that way either. So I'd love to know if there is already a way or if someone can help me out with my plugin:
https://github.com/wrong7/nodebb-plugin-skunity/blob/master/skunity.jsAny and all help is appreciated!
Thank you
-
@baris Just a basic overview. Kinda like a JSON form of a users profile as if it was being viewed publicly. We do an AJAX request and get the information. Example from Discourse:
{ "current_user":{ "id":7, "username":"nfell2009", "avatar_template":"/user_avatar/nfell2009/{size}/3095_1.png", "name":"nfell2009", "total_unread_notifications":16, "unread_notifications":0, "unread_private_messages":0, "admin":false, "notification_channel_position":null, "site_flagged_posts_count":0, "moderator":true, "staff":true, "title":"Your friendly neighbourhood moderator", "reply_count":727, "topic_count":35, "enable_quoting":true, "external_links_in_new_tab":true, "dynamic_favicon":false, "trust_level":4, "can_edit":true, "can_invite_to_forum":true, "should_be_redirected_to_top":false, "disable_jump_reply":false, "custom_fields":null, "muted_category_ids":[ ], "dismissed_banner_key":null, "is_anonymous":false, "post_queue_new_count":0, "read_faq":true, "automatically_unpin_topics":true } }
Thanks for your reply
-
Hi all,
I am in stuck when trying to get current user via API.
I call api from remote iframe, but all worked fine such as /api/users, api/uid/1, except /api/me always return “no Authoried”.
Althought it returned correct data of current user if I called directly from the browser.
Thanks for any help. -
@navix what do you mean by "remote iframe"?
-
@PitaJ I think I have a similar problem with navix. I'm running nodebb forums in a server with this domain forum.myapp.com, and I have my main site in a cdn (as it's just React app) in a different domain myapp.com.
All login is handled on the forum site. In my main app, I need to know whether a current user is logged into the forum. I'm calling the forum api: forum.myapp.com/api/me from the main app and I'm getting "401 Unauthorized".
But going to forum.myapp.com/api/me directly from the browser returns the logged in user data.
I'm assuming it doesn't work because of a cookie not being set in the main app - as they are in a different domain. So are there any other way I can get the logged in user from the forum api?
Thank you!
-
@Jenine-Liwanag so first, are you calling it server side or client side? Second, have you set the
Access-Control-Allow-Origin
header in the NodeBB ACP to allow access from your other site.You're fighting with CORS: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
-
@PitaJ I'm calling it on the client side, I'm using axios.get() to call the forum api. I have set the Access-Control-Allow-Origin to https://myapp.com - other api calls (ie. posts, tags) work just fine. Only when I call
/api/me
is when I get 401 Unauthorized. I tried calling/api/login
but I get back an object that hasloggedIn:false
even tho a user is logged in the forums. -
Hello @PitaJ,
I want to check a user login or not from another website. I use Nodebb API /api/me and check it rsult from php curl.
This link I followed:
https://github.com/NodeBB/nodebb-plugin-write-apiI don't know why it always return "not-authorized" if call /api/me although others work fine (such as /api/users, api/uid/1,...).
Noted that, currently if I log in Nodebb, I will get current user with url <mydomain</api/me in another tab in the same Browser. -
-
@butterfly in the payload of the hook, which you can
console.log
, there should be auid
field. -
-
https://github.com/NodeBB/NodeBB/blob/master/src/posts/parse.js#L63
const data = await plugins.hooks.fire('filter:parse.post', { postData: postData });
Doesn't seem like uid is passed at all in this hook
-
@butterfly oh yeah actually that's one of the few hooks where no session uid is included. This is deliberate - the result of
parse.post
is cached across users so anyone usinguid
like that would be doing so in error.Instead you should use
posts.get
or something like that.