Values to add to email templates

Hi. Is there a list of values I can add to my email templates - I can see reference to {notification_url} but I'd like to see what else I can add to my templates.

Thanks!

Hi
I want to password protect access to my forum - so a prompt for creds in advance of even seeing the forum. I have added this feature in NGINX, and it does what I expect in terms of prompting before access. My problem is, that when I add this, I get caught in a loop with the following message continously displayed:

"It looks like your login session is no longer active. Please refresh this page."

I am then unable to login, or even read the forum without this message appearing.

What can I do about this? Is there another way to protect access?

Thanks in advance
M

Hi
I wanted to use the API to post content to nodebb. I've switched on the Allow HTML feature under composer and then I installed plugin-sanitizehtml and restarted. I can't see how I can specify which tags are ok for posted content - plugin-sanitizehtml doesn't seem to offer any options. How can I have HTML allowed but make sure its safe?

Thanks

Thanks for the suggestions - I've installed Node-windows to get it set up as a service but so far have been unable to make nodebb start.

Has anybody else used node-windows successfully with nodebb? If so, how do you set up the script for the service?

Hi,
Every so often my nodebb (running on Windows), stops working and I get a 502 error message. I restart it on the command line and its fine again.

Can anyone advise how I can set up on Windows to get the it to restart automatically if it stops running? Running nodebb start manually works fine but I'm not sure how to make that into a service on windows that keeps it running.

Thanks in advance
M

@mattdjuk This could be something (clutching at straws a bit here)...

I was just looking in the cookies, I see these:

It has 2 express.sid cookies

1 is for forum.$$$$$$$.co.uk and the other is for .$$$$$$$.co.uk

@cagatay Done that. config.json is...

{
"url": "https://forum..co.uk",
"secret": "",
"database": "mongo",
"mongo": {
"host": "127.0.0.1",
"port": "27017",
"username": "nodebb",
"password": "********",
"database": "nodebb",
"uri": ""
},
"port": "4567"
}

@cagatay My colleague is having the same issue too, on a different IP

@mattdjuk Unfortunately the problem remains - a constant loop of session error warning messages. This is across all browsers - I did originally believe Edge was unaffected.

I've tried clearing cache
I've run though the list of things in this thread
I've rebuild completely on a new VM

None of these things resolve this problem.

Further, I have now removed the SSL and am accessing it on http. I no longer see the session error message on a loop, but I am unable to login, getting...

http://forum.************.co.uk/login?error=csrf-invalid

Does anyone have any suggestions that I haven't tried? This is running on V2.0

@phenomlab It seems to have resolved for me but I'll set it aside until tomorrow and see what happens. So far I have managed to get it logged in using an incog browser, but not through Chrome in a regular way.

@mattdjuk And now with the domain name, it doesn't work.

Trying to login, I see /login?error=csrf-invalid

@phenomlab

I've now set up a completely fresh install on another VM. I have removed the domain for now and I'm running it on the IP address only and its not having similar issues. Once the dns resolves to the new location, I'll try and get it working with the domain.

@phenomlab

I've just noticed this in when I run the site as dev...

info: NodeBB is now listening on: 0.0.0.0:4567

In the Nginx config, it has

proxy_pass http://127.0.0.1:4567

Any connection do you think?

@phenomlab You're right - as soon as I logged out from Edge, it started doing the same thing.

@phenomlab I've just run this again. The first refresh, I actually got the screen without the session warning, but then the next time I refreshed, it was back.

Same error in the logs, and everything working fine in Edge.

@phenomlab Sure, will do. thanks

@phenomlab I tried both, but its currently without the /

Edge works fine. I can use the site without issue. Its just Chrome.

The only thing I can see in the admin logs on /admin is this

022-05-24T15:16:43.080Z [4567/165874] - error: POST /logout
invalid csrf token

in the inspect tools in Chrome I see...

nodebb.min.js?v=eau0luijpea:2 POST https://forum.**********.co.uk/logout 403 (Forbidden)

@phenomlab

Tried both in the config - with and without a trailing slash, e.g.

url": "http://forum.*******.co.uk"

and

url": "http://forum.*******.co.uk/"

Makes no difference

@phenomlab Unfortunately it doesn't help. I can use Edge to log in to the admin area and it has a load of these errors:

POST /logout
invalid csrf token

Edge is fine, Chrome (normal, incognito) doesn't work and keeps prompting.

Further to this - I can now get the site to show without the session error popup, but only when I use an incognito window. So far Chrome remains stuck with the pop up when I use it normally.