RE: Docker NodeBB v0.5

great @Ben-Lubar ! Thanks

The cron tab is for what exactly ?

Thank you again, now it seems to work well!

Can you review the code and maybe test the module?
I would like to be sure that I have not forgot something.

https://github.com/LM1LC3N7/nodebb-plugin-private-forum

Thank you again, now it seems to work well!

Can you review the code and maybe test the module?
I would like to be sure that I have not forgot something.

https://github.com/LM1LC3N7/nodebb-plugin-private-forum

@PitaJ thanks!

Do you know if there is an helper to check if the user is connected?

FYI @julian and @PitaJ I have edited my last answer with new elements.

Hello guys,

I am starting to develop the plugin, but I did not understand how to add my code as a middleware and use the req object.
For now it is not working because I don't know how to get the req object (undefinied).

Here's my plugin:

'use strict';

const plugin = {};
var winston = module.parent.require('winston');
const helpers = require.main.require('./src/controllers/helpers');

plugin.init = function (params, callback) {

        const { app, middleware, router } = params;
        var allowedPages=["/login", "/register", "/reset"];

        console.log("==================================");
        console.log(" Plugin Private Forum Initialized ");
        console.log("==================================");

        if (allowedPages.indexOf(req.url) < 0) {
                helpers.notAllowed(req, res, next);
        } else {
                console.log("PLUGIN PRIVATE FORUM: req.url="+req.url+", user is logged");
                winston.log("PLUGIN PRIVATE FORUM: req.url="+req.url+", user is logged");
                next();
        }
};

module.exports = plugin;

You can see it here: https://github.com/LM1LC3N7/nodebb-plugin-private-forum/blob/master/library.js

Of course there are errors:

2020-06-03T15:55:06.696Z [4567/1731] - verbose: [plugins/fireHook] static:app.load
==================================
 Plugin Private Forum Initialized
==================================
2020-06-03T15:55:06.733Z [4567/1731] - error: [plugins] Error executing 'static:app.load' in plugin 'nodebb-plugin-private-forum'
2020-06-03T15:55:06.734Z [4567/1731] - error: ReferenceError: req is not defined
    at Object.plugin.init [as method] (/etc/nodebb/nodebb-plugin-private-forum/library.js:16:27)
    at /nodebb/src/plugins/hooks.js:176:30
    at /nodebb/node_modules/async/dist/async.js:2154:44
    at eachOfArrayLike (/nodebb/node_modules/async/dist/async.js:500:13)
    at eachOf (/nodebb/node_modules/async/dist/async.js:551:16)
    at awaitable (/nodebb/node_modules/async/dist/async.js:208:32)
    at Object.eachLimit (/nodebb/node_modules/async/dist/async.js:2216:16)
    at /nodebb/node_modules/async/dist/async.js:216:25
    at new Promise (<anonymous>)
    at Object.awaitable (/nodebb/node_modules/async/dist/async.js:211:20)

Maybe @julian or @PitaJ you can help me on this?

@julian I tried this already.
But this is not secure, as the API can still be requested manually (for example user pages are public).

Using a middleware I can filter all requests and only serve the login or register page.

Front code is not secure because the user can remove it.

@PitaJ I think I begin to understand the concept.
Using the following plugin.json my script can use the express object to intercept each requests?

{
    "id": "nodebb-plugin-private-forum",
    "url": "httls://github.com/..../.......",
    "library": "./private-forum.js",
    "hooks": [
        {  "hook": "static:app.load", "method": "init" }
    ]
}

I am not sure about the hook configuration.

This is the kind of code I would like to use in my plugin:

app.use(function(req, res, next) {
    if (req.session.user == undefined) {  
          return res.render('/login');
        }   
        else {
            next();
        }
    });

@PitaJ said in Private forum plugin:

What you want is to add a new middleware that applies to all routes except those related to login and register.

Yes, you are totally right.

Do you have in mind a plugin that add a middleware in static:app.load handler?
It will be faster to clone and edit it

I will take a look at the documentation.

Hello,

I would like to create a private forum using NodeBB but it seems that there is no real complete option or plugin to achieve this.

My idea is to add a new route that will be used before all. It will check if the user is connected (using the cookie).
If not : the request is blocked and redirected to /login, if yes, the request is allowed.

Workflow:

• A client send a request to NodeBB
• The request passes through this first route
• This route check if the user is logged in (based on its cookie)
  if no, redirect it to /login (Only /login and /register are allowed)
  if yes, the request is allowed

Can a NodeBB developper help me to:

• Confirm if it is possible to create a plugin that will add a new route at top level
• Where to add a route in order to be the first one called (I know Node.JS but not yet how to create a plugin for NodeBB).

Thanks a lot!

Problem solved, for the record I have added all file on my GitHub: https://github.com/LM1LC3N7/Dockerfiles/blob/master/nodebb/README.md