Solved Invalid CSRF on dev install

Tips
Log in to reply
  • phenomlab
    Admin
    Global Moderator

    I wanted to create a DEV instance of sudonix, so went ahead and registered sudonix.dev, installed NodeBB, then recovered the database.

    All good - apart from the fact that I consistently got the dreaded csrf invalid message… 😠

    Here’s the log extract

    2022-03-21T14:15:25.859Z [4571/91294] - info: Initializing NodeBB v1.19.5 https://sudonix.dev
2022-03-21T14:15:27.761Z [4571/91294] - info: [socket.io] Restricting access to origin: https://sudonix.dev:*
2022-03-21T14:15:27.858Z [4571/91294] - warn: [plugins] "@nodebb/nodebb-plugin-user-level" is active but not installed.
(node:91294) Warning: Accessing non-existent property 'padLevels' of module exports inside circular dependency
(Use `node --trace-warnings ...` to show where the warning was created)
2022-03-21T14:15:28.637Z [4571/91294] - warn: [plugins/load] DEPRECATION The hook filter:router.page has been deprecated as of v1.15.3, and slated for removal in v2.1.0. Please use response:router.page instead. The following plugins are still listening for this hook:
  * nodebb-plugin-write-api
2022-03-21T14:15:28.724Z [4571/91294] - info: [plugins/spam-be-gone] Settings loaded
2022-03-21T14:15:28.734Z [4571/91294] - info: [reputation-rules] settings loaded
2022-03-21T14:15:28.925Z [4571/91294] - info: [api] Adding 4 route(s) to `api/v3/plugins`
2022-03-21T14:15:28.936Z [4571/91294] - info: [router] Routes added
2022-03-21T14:15:28.947Z [4571/91294] - info: NodeBB Ready
2022-03-21T14:15:28.948Z [4571/91294] - info: Enabling 'trust proxy'
2022-03-21T14:15:28.950Z [4571/91294] - info: NodeBB is now listening on: 0.0.0.0:4571
2022-03-21T14:15:47.488Z [4571/91294] - error: [plugin/iframely] Could not parse embed: Failed to lookup view "partials/iframely-widget-card" in views directory "/home/sudonix.dev/nodebb/build/public/templates". Url: https://sudonix.com/topic/233/nodebb-welcome-message-with-logo-footer-change/3?_=1645445273209
Missing translation "2factor:title" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_unsolved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:topic_solved" for language "en-GB"
Missing translation "qanda:menu.solved" for language "en-GB"
Missing translation "qanda:menu.solved" for language "en-GB"
2022-03-21T14:15:48.899Z [4571/91294] - error: POST /logout
invalid csrf token

    Tried clearing cache, no dice. Tried incognito mode, no dice.

    After some significant head scratching, it suddenly dawned on me that the cookie domain would need to be reset as this is a PROD database replica in a new domain.

    To do this.

    1. Open the mondogb console
    2. Select your database - in my case use sudonixdev;
    3. Issue this command db.objects.update({_key: "config"}, {$set: {cookieDomain: ""}});
    4. Restart nodebb

    Problem solved - able to login 🙂

    2
  • Topic has been marked as solved  phenomlab phenomlab 
  • Moved from Configure by  phenomlab phenomlab 
  • Referenced by  phenomlab phenomlab 
If this topic and the associated threads resolved an issue for you, or was useful, why not buy me a coffee? It's a nice gesture, and there's other ways to donate if you wish 💗

Discover More