ubuntu – cookie is lost on refresh using nginx as proxy_reverse. I like the cookie and would like to keep it set in the browser

I’m new to Nginx and ubuntu – have been with windows server for over a decade and this is my first try to use ubuntu and Nginx so feel free to correct any wrong assumption I write here 🙂

my setup: I have an expressjs app (node app) running as an upstream server. I have front app – built in svelte- access the expressjs/node app through Nginx proxy_reverse. Both ends are using letsencrypt and cors are set as you will see shortly.

When I run front and back apps on localhost, I’m able to login, set two cookies to the browser and all endpoints perform as expected.

When I deployed the apps I ran into weird issue. The cookies are lost once I refresh the login page. Added few flags to my server block but no go.

I’m sure there is a way – I usually find a way – but this issue really beyond my limited knowledge about Nginx and proxy_reverse setup. I’m sure it is easy for some of you but not me. I hope one of you with enough knowledge point me in the right direction or have explanation to how to fix it.

Here is the issue:
my front is available at travelmoodonline.com. Click on login. Username : mongo@mongo.com and password is 123.
inspect dev tools network. Header and response are all set correctly. Check the cookies tab under network once you login and you will get two cookies, one accesstoken and one refreshtoken.

Refresh the page. Poof. Tokens are gone. I no longer know anything about the user. stateless.

In localhost, I refresh and the cookies still there once I set them. In Nginx as proxy, I’m not sure what happens.

So my question is : How to fix it so cookies are set and sent with every req? Why the cookies disappear? Is it still there in memory somewhere? Is the path wrong? Or the cockies are deleted once I leave the page so if I redirect the user after login to another page, the cookies are not showing in dev tools.

My code :
node/expressjs server route code to login user:

app.post('/login',  (req, res)=>{
   //get form data and create cookies
   res.cookie("accesstoken", accessToken, { sameSite: 'none', secure : true });  
   res.cookie("refreshtoken", refreshtoken, { sameSite: 'none', secure : true }).json({ 
   "loginStatus": true, "loginMessage": "vavoom : doc._id })      

 }

Frontend – svelte – fetch route with a form to collect username and password and submit it to server:

    function loginform(event){
  username = event.target.username.value;
  passwordvalue = event.target.password.value;

  console.log("event username: ", username);
  console.log("event password : ", passwordvalue);

  async function asyncit (){
   
  let response = await fetch('https://www.foodmoodonline.com/login',{
  method: 'POST',
  origin : 'https://www.travelmoodonline.com',
  credentials : 'include',
  headers: {
  'Accept': 'application/json',
  'Content-type' : 'application/json'
  },
  body: JSON.stringify({
  //username and password
  })

  }) //fetch

Now my Nginx server blocks :

# Default server configuration
#
server {
    
    listen 80 default_server;
    listen (::):80 default_server;  

    root /var/www/defaultdir;
    index index.html index.htm index.nginx-debian.html;

    server_name _; 
    location / {
        try_files $uri $uri/ /index.html;
    }

   }



#  port 80 with www

server {
    listen 80;
    listen (::):80;


    server_name www.travelmoodonline.com;

    root /var/www/travelmoodonline.com;

    index index.html;

    location / {
        try_files $uri $uri/ /index.html;
    }

    return 308 https://www.travelmoodonline.com$request_uri; 

}

#  port 80 without wwww
server {
    listen 80;
    listen (::):80;

    server_name travelmoodonline.com;

    root /var/www/travelmoodonline.com;
 
    index index.html;

    location / {
        try_files $uri $uri/ /index.html;
    }

    return 308 https://www.travelmoodonline.com$request_uri;
}



# HTTPS server (with www) port 443 with www

server {
    listen 443 ssl;
    listen (::):443 ssl;
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
    server_name www.travelmoodonline.com;    
    root /var/www/travelmoodonline.com;
    index index.html;    
    
    
    
    ssl_certificate /etc/letsencrypt/live/travelmoodonline.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/travelmoodonline.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location / {
        try_files $uri $uri/ /index.html;       
    }
    

}


# HTTPS server (without www) 
server {
    listen 443 ssl;
    listen (::):443 ssl;
     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
    server_name travelmoodonline.com;
    root /var/www/travelmoodonline.com;
    index index.html;
   

    location / {
        try_files $uri $uri/ /index.html;       
    }
    
    ssl_certificate /etc/letsencrypt/live/travelmoodonline.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/travelmoodonline.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    
   }






server {

    server_name foodmoodonline.com www.foodmoodonline.com;

#   localhost settings
    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;

    
    #    proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";
    #   proxy_pass_header  localhost;

    #    proxy_pass_header Set-Cookie;
    #    proxy_cookie_domain localhost $host;
    #   proxy_cookie_path /; 

    }

    listen (::):443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/foodmoodonline.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/foodmoodonline.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = www.foodmoodonline.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = foodmoodonline.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen (::):80;
    server_name foodmoodonline.com www.foodmoodonline.com;
    return 404; # managed by Certbot

}

I tried 301-302-307 and 308 after reading about some of them covers the GET and not POST but didn’t change the behavior I described above. Why the cookie doesn’t set/stay in the browser once it shows in the dev tools. Should I use rewrite instead of redirect???? I’m lost.

Not sure is it nginx proxy_reverse settings I’m not aware of or is it server block settings or the ssl redirect causing the browser to loose the cookies but once you set the cookie, the browser suppose to send it with each req. What is going on here?

Thank you for reading.

How to set the default command, with options, to open a file on MacOS?

How to set the default command, with options, to open a file on MacOS? – Ask Different

magento2.3 – Composer can’t install any module due to “Your requirements could not be resolved to an installable set of packages”

Running 2.3.6
When I try to install any module via composer I get the following error:

 ()$ COMPOSER_MEMORY_LIMIT=-1 composer require stripe/stripe-php:^7
Warning from https://repo.packagist.org: You are using an outdated version of Composer. Composer 2 is now available and you should upgrade. See https://getcomposer.org/2
./composer.json has been updated
Loading composer repositories with package information
Warning from https://repo.packagist.org: You are using an outdated version of Composer. Composer 2 is now available and you should upgrade. See https://getcomposer.org/2
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Conclusion: remove magento/product-community-edition 2.3.6
    - Conclusion: don't install magento/product-community-edition 2.3.6
    - Installation request for magento/product-community-edition 2.3.6 -> satisfiable by magento/product-community-edition(2.3.6).
    - Installation request for veriteworks/cookiefix ^3.0 -> satisfiable by veriteworks/cookiefix(3.0.0).
    - Conclusion: don't install magento/framework 102.0.6-p1
    - magento/product-community-edition 2.3.6 requires laminas/laminas-code ~3.3.0 -> satisfiable by laminas/laminas-code(3.3.2, 3.3.0, 3.3.1).
    - Can only install one of: laminas/laminas-code(3.4.1, 3.3.0).
    - Can only install one of: laminas/laminas-code(3.4.1, 3.3.1).
    - Can only install one of: laminas/laminas-code(3.4.1, 3.3.2).
    - Can only install one of: laminas/laminas-code(3.4.1, 3.3.2).
    - Can only install one of: laminas/laminas-code(3.4.1, 3.3.2).
    - Conclusion: install magento/framework 102.0.6-p1|install laminas/laminas-code 3.4.1


Installation failed, reverting ./composer.json to its original content.

What is composer telling me to do?

Is it possible i made a mess since few days ago (before that I think
everything was working fine) and then I launched “composer
dump-autoload -o” for some reason?

Edit:
i ran same command and got different error

     composer require stripe/stripe-php:^7
The "magento/magento-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
The "dealerdirect/phpcodesniffer-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
The "magento/inventory-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.1") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
The "laminas/laminas-dependency-plugin" plugin was skipped because it requires a Plugin API version ("^1.1") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
The "magento/composer-root-update-plugin" plugin was skipped because it requires a Plugin API version ("^1.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
./composer.json has been updated
The "magento/magento-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
The "dealerdirect/phpcodesniffer-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
The "magento/inventory-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.1") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
The "laminas/laminas-dependency-plugin" plugin was skipped because it requires a Plugin API version ("^1.1") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
The "magento/composer-root-update-plugin" plugin was skipped because it requires a Plugin API version ("^1.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.
Running composer update stripe/stripe-php
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - magento/composer-root-update-plugin is locked to version 1.0.0 and an update of this package was not requested.
    - magento/composer-root-update-plugin 1.0.0 requires composer-plugin-api ^1.0 -> found composer-plugin-api(2.0.0) but it does not match the constraint.
  Problem 2
    - Root composer.json requires veriteworks/cookiefix ^3.0 -> satisfiable by veriteworks/cookiefix(3.0.0).
    - veriteworks/cookiefix 3.0.0 requires magento/framework ~102.0.6-p1||~103.0.1 -> found magento/framework(102.0.6-p1, 103.0.1, 103.0.1-p1, 103.0.2) but the package is fixed to 102.0.6 (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.
  Problem 3
    - dealerdirect/phpcodesniffer-composer-installer is locked to version v0.5.0 and an update of this package was not requested.
    - dealerdirect/phpcodesniffer-composer-installer v0.5.0 requires composer-plugin-api ^1.0 -> found composer-plugin-api(2.0.0) but it does not match the constraint.
  Problem 4
    - laminas/laminas-dependency-plugin 1.0.4 requires composer-plugin-api ^1.1 -> found composer-plugin-api(2.0.0) but it does not match the constraint.
    - magento/product-community-edition 2.3.6 requires laminas/laminas-dependency-plugin ^1.0 -> satisfiable by laminas/laminas-dependency-plugin(1.0.4).
    - magento/product-community-edition is locked to version 2.3.6 and an update of this package was not requested.

Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.

You are using Composer 2, which some of your plugins seem to be incompatible with. Make sure you update your plugins or report a plugin-issue to ask them to support Composer 2.

Installation failed, reverting ./composer.json and ./composer.lock to their original content.

plotting – How to make a {x,y,z} plot of a data set

I’m a beginner using Mathematica so I really need help with this.

I have a data set which consist in a (X,Y) vector and a matrix of Z values. For every step of Y, I have a vector X, which is always the same, and a set of Z values (every row of the “Z” matrix is a set for each step). So, I have, for example:
{X(1…vector lenght),Y(1),Z(MatrixRow 1)} as my first set of values.
I need to put them all in the same 3D plot, but I’m not sure about how to do it.

Thank you and sorry for my english :c

c# – How do I set the opacity of a Button to 0? (Unity)

You can set the alpha-value of the renderer of the button to zero. When your button has a text or any other child-nodes, then those also need to be made transparent:

foreach(var renderer in GetComponentsInChildren<CanvasRenderer>()) {
    renderer.SetAlpha(0.0f);
}

Another way to make a button disappear without also disabling any of the scripts on it is by setting its scale to 0:0:0. This will also make all its children disappear:

GetComponent<RectTransform>().scale = Vector3.zero;

However, when your problem is that you need a script which is on the button to run after the button was removed, then I would recommend you to better separate your UI logic from your game logic. The components of an UI element should only govern the UI element itself.

I assume you are building some kind of main menu? In that case I would create one component MainMenu and assign it to an invisible gameObject in the scene. I would then give it a method public void StartGame() which starts the game (as well as methods for everything else the player can do on the main menu). I would then create a “Start Game” button and then use its OnClick assignment in its inspector to make it call the MainMenu.StartGame method of the invisible gameObject. The advantage of this pattern is that you can easily add more ways to call that StartGame method. Like have a keyboard key to call it or call it automatically based on a timer when the player does nothing.

Google Groups “Spam message handling” Setting Won’t Stay Set

I have a free Google Groups group setup and messages (which are being forwarded from a Gmail account) keep going into the Pending moderation queue. I’ve repeatedly attempted to change the “Spam message handling” setting (only visible when you click “Advanced settings”) to “Post suspicious messages to the group”, but every time I refresh the settings page it’s reverted back to “Moderate and notify content moderators”.

Is there a way to actually change this setting and allow these messages through?

finder – There is no application set to open the URL

Similar to There is no application set to open the URL rstf3://, I am getting the following error:

There is no application set to open the URL miroapp://

There is no application set to open the URL miroapp://

I uninstalled the application “as clean as possible” with AppCleaner but I am still seeing the issue after rebooting my MacOS (latest).

I also checked with SwitfDefaultApps but I can not find any association related to miroapp.

Would be great not to have some funky workaround but really fix the root cause. Surely this is some simple setting somewhere? I think with windows this would be the registry/regedit.

real analysis – Stability of non-differentiability under modification on a small set

Definitions:

Let $mathcal N$ denote the set of continuous, nowhere differentiable real valued functions on $[0, 1]$.

For $0 < epsilon < 1$, we say $f in mathcal N$ has $epsilon$-robust fluctuations if for any positive number $delta leq epsilon$, any continuous function $g$ that agrees with $f$ on a set of measure greater than or equal to $1 – delta$ is differentiable on a set of measure at most $delta$. Denote by $S_{epsilon}$ the set of functions with $epsilon$-robust fluctuations.

We define the index of non-differentiability of $f$ to be $sup { epsilon | 0 < epsilon < 1, f in S_{epsilon} }$ where by convention we take the supremum of the empty set to be $0$.

Question:

Does there exist, for any $k$ with $0 < k < 1$, a function $f in N$ with index of non-differentiability $k$?

New password can’t be set after chage forced password change

My server is running Ubuntu 16.04

I am trying to create new user accounts, setting their passwords to be the same as their login, and force the users to reset their passwords the first time they logon. I used the command below after their account has been added:

sudo chage -d 0 $user

The new user can log in, and is indeed prompted with Please Enter New Password. However, when a new password is entered, I get the

Authentication token manipulation error.

I’ve used the same script before and it used to work. I looked at a couple Authentication token manipulation error solutions online, but didn’t find one that works yet.

What did I do wrong?

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123