Get current user session

Jenine Liwanag

@PitaJ I think I have a similar problem with navix. I'm running nodebb forums in a server with this domain forum.myapp.com, and I have my main site in a cdn (as it's just React app) in a different domain myapp.com.

All login is handled on the forum site. In my main app, I need to know whether a current user is logged into the forum. I'm calling the forum api: forum.myapp.com/api/me from the main app and I'm getting "401 Unauthorized".

But going to forum.myapp.com/api/me directly from the browser returns the logged in user data.

I'm assuming it doesn't work because of a cookie not being set in the main app - as they are in a different domain. So are there any other way I can get the logged in user from the forum api?

Thank you!

PitaJ

@Jenine-Liwanag so first, are you calling it server side or client side? Second, have you set the Access-Control-Allow-Origin header in the NodeBB ACP to allow access from your other site.

You're fighting with CORS: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

Jenine Liwanag

@PitaJ I'm calling it on the client side, I'm using axios.get() to call the forum api. I have set the Access-Control-Allow-Origin to https://myapp.com - other api calls (ie. posts, tags) work just fine. Only when I call /api/me is when I get 401 Unauthorized. I tried calling /api/login but I get back an object that has loggedIn:false even tho a user is logged in the forums.

navix

Hello @PitaJ,
I want to check a user login or not from another website. I use Nodebb API /api/me and check it rsult from php curl.
This link I followed:
https://github.com/NodeBB/nodebb-plugin-write-api

I don't know why it always return "not-authorized" if call /api/me although others work fine (such as /api/users, api/uid/1,...).
Noted that, currently if I log in Nodebb, I will get current user with url <mydomain</api/me in another tab in the same Browser.

Butterfly

I have been searching days to find how to get the uid of the current user session in plugins.
I have a filter:parse.post

I read some stuff about express and socket.io but still failing to do so, I know this is an old topic but this is the most accurate to my descriptions

PitaJ

@butterfly in the payload of the hook, which you can console.log, there should be a uid field.

Butterfly

@pitaj Like so? parsePost: function(data, uid, callback){
Seems like I am getting the post and callback parameters, no uid of current user viewing the post

IF im correct you mean the uid would be in the payload that gets passed?
so as data.uid because this is undefined too

Butterfly

https://github.com/NodeBB/NodeBB/blob/master/src/posts/parse.js#L63
const data = await plugins.hooks.fire('filter:parse.post', { postData: postData });

Doesn't seem like uid is passed at all in this hook

PitaJ

@butterfly oh yeah actually that's one of the few hooks where no session uid is included. This is deliberate - the result of parse.post is cached across users so anyone using uid like that would be doing so in error.

Instead you should use posts.get or something like that.

Butterfly

THank you very much!