Get current user session

nfell2009

Hi,

So we're planning on switching from Discourse to NodeBB (currently sorting out a new set of forums ready for release). While NodeBB has been amazing so far, we've come into struggles with using a NodeBB account externally. In Discourse you can do http://example.com/session/current.json and get the current viewers user information. But with NodeBB we're unable to actually find a way of doing it.

I've tried looking around the NodeBB GitHub but found nothing. I have also tried making a plugin for it, but can't get it to work that way either. So I'd love to know if there is already a way or if someone can help me out with my plugin:
https://github.com/wrong7/nodebb-plugin-skunity/blob/master/skunity.js

Any and all help is appreciated!

Thank you

nfell2009

Anyone?

baris

We could possibly add a /api/me page that returns some info about the current logged in user. What kind of info you need?

nfell2009

@baris Just a basic overview. Kinda like a JSON form of a users profile as if it was being viewed publicly. We do an AJAX request and get the information. Example from Discourse:

{
   "current_user":{
      "id":7,
      "username":"nfell2009",
      "avatar_template":"/user_avatar/nfell2009/{size}/3095_1.png",
      "name":"nfell2009",
      "total_unread_notifications":16,
      "unread_notifications":0,
      "unread_private_messages":0,
      "admin":false,
      "notification_channel_position":null,
      "site_flagged_posts_count":0,
      "moderator":true,
      "staff":true,
      "title":"Your friendly neighbourhood moderator",
      "reply_count":727,
      "topic_count":35,
      "enable_quoting":true,
      "external_links_in_new_tab":true,
      "dynamic_favicon":false,
      "trust_level":4,
      "can_edit":true,
      "can_invite_to_forum":true,
      "should_be_redirected_to_top":false,
      "disable_jump_reply":false,
      "custom_fields":null,
      "muted_category_ids":[

      ],
      "dismissed_banner_key":null,
      "is_anonymous":false,
      "post_queue_new_count":0,
      "read_faq":true,
      "automatically_unpin_topics":true
   }
}

Thanks for your reply

baris

Alright since we already have this data when you go to /api/user/<userslug> we can just return the same info when you go to /me.

nfell2009

@baris That would be perfect!

navix

Hi all,
I am in stuck when trying to get current user via API.
I call api from remote iframe, but all worked fine such as /api/users, api/uid/1, except /api/me always return “no Authoried”.
Althought it returned correct data of current user if I called directly from the browser.
Thanks for any help.

PitaJ

@navix what do you mean by "remote iframe"?

Jenine Liwanag

@PitaJ I think I have a similar problem with navix. I'm running nodebb forums in a server with this domain forum.myapp.com, and I have my main site in a cdn (as it's just React app) in a different domain myapp.com.

All login is handled on the forum site. In my main app, I need to know whether a current user is logged into the forum. I'm calling the forum api: forum.myapp.com/api/me from the main app and I'm getting "401 Unauthorized".

But going to forum.myapp.com/api/me directly from the browser returns the logged in user data.

I'm assuming it doesn't work because of a cookie not being set in the main app - as they are in a different domain. So are there any other way I can get the logged in user from the forum api?

Thank you!

PitaJ

@Jenine-Liwanag so first, are you calling it server side or client side? Second, have you set the Access-Control-Allow-Origin header in the NodeBB ACP to allow access from your other site.

You're fighting with CORS: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

Jenine Liwanag

@PitaJ I'm calling it on the client side, I'm using axios.get() to call the forum api. I have set the Access-Control-Allow-Origin to https://myapp.com - other api calls (ie. posts, tags) work just fine. Only when I call /api/me is when I get 401 Unauthorized. I tried calling /api/login but I get back an object that has loggedIn:false even tho a user is logged in the forums.

navix

Hello @PitaJ,
I want to check a user login or not from another website. I use Nodebb API /api/me and check it rsult from php curl.
This link I followed:
https://github.com/NodeBB/nodebb-plugin-write-api

I don't know why it always return "not-authorized" if call /api/me although others work fine (such as /api/users, api/uid/1,...).
Noted that, currently if I log in Nodebb, I will get current user with url <mydomain</api/me in another tab in the same Browser.

Butterfly

I have been searching days to find how to get the uid of the current user session in plugins.
I have a filter:parse.post

I read some stuff about express and socket.io but still failing to do so, I know this is an old topic but this is the most accurate to my descriptions

PitaJ

@butterfly in the payload of the hook, which you can console.log, there should be a uid field.

Butterfly

@pitaj Like so? parsePost: function(data, uid, callback){
Seems like I am getting the post and callback parameters, no uid of current user viewing the post

IF im correct you mean the uid would be in the payload that gets passed?
so as data.uid because this is undefined too

Butterfly

https://github.com/NodeBB/NodeBB/blob/master/src/posts/parse.js#L63
const data = await plugins.hooks.fire('filter:parse.post', { postData: postData });

Doesn't seem like uid is passed at all in this hook

PitaJ

@butterfly oh yeah actually that's one of the few hooks where no session uid is included. This is deliberate - the result of parse.post is cached across users so anyone using uid like that would be doing so in error.

Instead you should use posts.get or something like that.

Butterfly

THank you very much!