Re: Unable to log in after turning off cloudflare proxy
-
@baris Not related to this, but I am also facing a problem due to csrf token. I earlier used cloudflare SSL on my nodebb instance but now have turned it off because it was giving issues with loading media for federated accounts. My account was auto logged off and now I cannot login. Everytime I try to login, I get the error "Login Unsuccessful
We were unable to log you in, likely due to an expired session. Please try again" and the url bar shows/login?error=csrf-invalidThis happens both for admin as well as non-admin user. I have turned on-off-on as well as restarted both nodebb and nginx but the problem remains. Any suggested solution?
-
@baris Not related to this, but I am also facing a problem due to csrf token. I earlier used cloudflare SSL on my nodebb instance but now have turned it off because it was giving issues with loading media for federated accounts. My account was auto logged off and now I cannot login. Everytime I try to login, I get the error "Login Unsuccessful
We were unable to log you in, likely due to an expired session. Please try again" and the url bar shows/login?error=csrf-invalidThis happens both for admin as well as non-admin user. I have turned on-off-on as well as restarted both nodebb and nginx but the problem remains. Any suggested solution?
Couple things to check.
- Make sure url in config.json is same as the url you use to access the site.
- Make sure your load balancer is configured properly for ssl.
-
@baris Not related to this, but I am also facing a problem due to csrf token. I earlier used cloudflare SSL on my nodebb instance but now have turned it off because it was giving issues with loading media for federated accounts. My account was auto logged off and now I cannot login. Everytime I try to login, I get the error "Login Unsuccessful
We were unable to log you in, likely due to an expired session. Please try again" and the url bar shows/login?error=csrf-invalidThis happens both for admin as well as non-admin user. I have turned on-off-on as well as restarted both nodebb and nginx but the problem remains. Any suggested solution?
Can you try in incognito, and see whether that works? If so, then you need to clear all of your session cookies on your main browser session.
-
S support@community.nodebb.org shared this topic
System shared this topic -
@julian Same problem in incognito also.
-
@baris Point 1 is checked. I also think the problem is with nginx. Sharing my nginx conf file because I could not figure out the problem.
upstream io_nodes { ip_hash; server 127.0.0.1:4567; server 127.0.0.1:4568; } server { server_name ekk.app; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_redirect off; # Socket.io Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; gzip on; gzip_min_length 1000; gzip_proxied off; gzip_types text/plain application/xml text/javascript application/javascript application/x-javascript text/css application/json; location [@nodebb](https://community.nodebb.org/user/nodebb) { proxy_pass http://io_nodes; } location ~ ^/assets/(.*) { root /home/debian/nodebb/; try_files /build/public/$1 /public/$1 [@nodebb](https://community.nodebb.org/user/nodebb); } location / { proxy_pass http://io_nodes; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/ekk.app/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/ekk.app/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = ekk.app) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name ekk.app; return 404; # managed by Certbot } -
Try adding
proxy_set_header X-Forwarded-Proto $scheme;afterproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -
@baris You are a wizard!!! That really solved the issue.
-
@bh4-tech Not really, it's from our docs here https://docs.nodebb.org/configuring/proxies/nginx/#basic-with-ssl
-
@bh4-tech Not really, it's from our docs here https://docs.nodebb.org/configuring/proxies/nginx/#basic-with-ssl
@baris Yeah noticed it now. Actually, I also setup the nginx configuration following nodebb docs, specially the one for utilising multiple(2) cores for nodebb, but somehow missed the line related to protocol. Thanks a lot again.
