new user registration in development

link

hrod
Members 10 posts

Aug. 9, 2020, 5:28 a.m. Aug. 9, 2020, 5:28 a.m.
link

If I clone Misago & run it with ./dev init & docker-compose up, when I try to register a new user, after filling the form & pressing Register account, I get this error :
Your request was rejected because your Browser didn't send the CSRF cookie, or the cookie was sent invalid
I think the problem happens when Django csrf middleware compares the 2 csrf tokens.
But the browser is actually sending 3 csrf tokens. Here are the two relevant headers :
Cookie: misagocsrftoken=TcoSGGsZxZd7VUnzELIDCk8PWmyH0HdlI104obbiyPHETszgBt5Qk5QPSD5XBPFD;csrftoken=va4PO9XeIIWiRcnWf3ptTiavJLj5bN8LKHlCAFuGvVjSGr8innGo82g0ULXzv7mo; djdt=hide; sessionid=7kq2qap6wg05ddwq0zibh8eic1xg7my7
...
X-CSRFToken: TcoSGGsZxZd7VUnzELIDCk8PWmyH0HdlI104obbiyPHETszgBt5Qk5QPSD5XBPFD
That doesn't happen when I install misago_docker in a Digitalocean droplet.
Am I doing something wrong ?
link

rafalp
Project Lead 1918 posts

Aug. 10, 2020, 12:39 a.m. Aug. 10, 2020, 12:39 a.m.
link

This is weird and I am not experiencing this myself. Did you customize settings.py or did anything else to the repo?
misagocsrftoken is cookie name used by misago_docker. Main repo uses csrftoken. Likewise misago_docker uses misagosessionid while main repo uses sessionid.
link

hrod
Members 10 posts

Aug. 10, 2020, 1:33 a.m. Aug. 10, 2020, 1:33 a.m.
link

Oh !. That make sense. I was previously playing with misago_docker in my local development & it's cookies where still in the browser. Well, I learned something today.
BTW, I submitted a pull request. There's probably something wrong, so feel free to make any recommendations or changes needed. thanks.