So after clearing all local data, deleting the session entries via CLI, restarting the server, etc...
I noticed that when I navigated to my forums this morning, I did not use the secure protocol URL I had in my config.json. 💩
where do we set SSL:no. Can you paste your config.json?
@codecowboy don't think there is a setting like that. Where did you get that from?
@pichalite SSL:No is mentioned higher up in this thread
@codecowboy he just said that he is not using SSL. There is no such setting.
@pichalite aha. My bad. I am stupid. Its a curse.
I had the exact same issue, I ended up going back to v1.0.3. Lucky me that there was no change in the database so I could just use git checkout v1.0.3 and then run npm install followed by ./nodebb upgrade and everything went back to a working state.
I'm using nginx with SSL, had the same issue with login/CSRF Token when migrated from 1.0.3 to 1.1.2, and, as described before but always good to remain, adding this to my nginx config (
/etc/nginx/sites-enabled/default in my case) saved my life, thank
proxy_set_header X-Forwarded-Proto $scheme;
for the record for people finding this via search, for apache2 you have to set this somewhere in your nodebb vhost configuration
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Proto "http"
you might have to enable mod_headers to do so!