Login seems succesfull but does not actually logs user in.

  • I've setup NodeBB 1.2.1. on Ubuntu14.04 successfully and managed to register few users. Now I have an issue during login which says login has been succesfull and the app shows a welcome screen, but user actually does not seem to be logged in; it still shows Register and Login buttons at the top right of the screen. Would anyone have come across similar issue before or know how to solve it?

  • Check out ACP->Settings->Cookies

    "domain for session cookie"

  • @alff0x1f Thanks, what exactly should I set there? I cannot seem to able to login even to the ACP because of this issue.

  • @igor you must set your domain for cookie.
    For example ".community.nodebb.org" for this forum.

  • @alff0x1f I can't seem to be able to login into the APC as everytime when I try to, it seems to login, goes to the next screen but I'm not logged in. It says: "WELCOME BACK GUEST!
    You have successfully logged in". But I'm still shown Login and Register buttons.

  • Global Moderator Plugin & Theme Dev

    @igor have you tried disabling all plugins?

  • GNU/Linux Admin

    The common causes for a session mismatch error are usually one of the following:

    1. Mis-configured URL parameter in your config.json file

    If you have a misconfigured url value in your config.json file, the cookie may be saved incorrectly (or not at all), causing a session mismatch error. Please ensure that the link you are accessing your site with and the url defined match.

    2. Improper/malformed cookieDomain set in ACP

    Sometimes admins set this value without realising that they probably don't need to set it at all. The default is perfectly fine. This is what the config looks like:

    Cookie Domain setting

    If this is set, you'll want to revert the setting by editing your database directly:

    Redis: hdel config cookieDomain
    MongoDB: db.objects.update({ _key: "config" }, { $set: "cookieDomain": "" });

    3. Missing X-Forwarded-Proto header from nginx/apache

    If you are using a reverse proxy, you will need to have nginx pass a header through to NodeBB so it correctly determines the correct cookie secure property.

    In nginx, you will need to add the directive like so:

    location / {
        proxy_set_header X-Forwarded-Proto $scheme;

  • For Apache:

    ProxyPassReverseCookiePath /nodebb /
    RequestHeader set X-Forwarded-Port "443"
    RequestHeader set X-Forwarded-Proto "https"

Suggested Topics

| |