unauthorized error in request_password_reset link!

[ckarmy]

I'm using the parse-server-simple-mailgun-adapter to send the password reset mail. I receive the email fine but when I click the link I get {"error":"unauthorized"}

How can I fix this?! Please help me!

(parse-server: 2.5.3)

My index.js looks like:

// Example express application adding the parse-server module to expose Parse
// compatible API routes.

var express = require('express');
var ParseServer = require('parse-server').ParseServer;
var path = require('path');

var databaseUri = 'xxxx';

if (!databaseUri) {
  console.log('DATABASE_URI not specified, falling back to localhost.');
}

var api = new ParseServer({
  databaseURI: 'xxxx',
  cloud: process.env.CLOUD_CODE_MAIN || __dirname + '/cloud/main.js',
  appId: 'xxxx',
  masterKey: 'xxxx', //Add your master key here. Keep it secret!
  serverURL: 'http://localhost:1343/myapp',
  verifyUserEmails: false,
  appName: 'myapp',
  emailAdapter: {
    module: 'parse-server-simple-mailgun-adapter',
    options: {
      // The address that your emails come from
      fromAddress: '[email protected]',
      // Your domain from mailgun.com
      domain: 'xxxx',
      // Your API key from mailgun.com
      apiKey: 'xxxx',
    } 
  },
  liveQuery: {
    classNames: ["Posts", "Comments"] // List of classes to support for query subscriptions
  },
  publicServerURL: 'https://myurl.com/myapp'
});
// Client-keys like the javascript key or the .NET key are not necessary with parse-server
// If you wish you require them, you can set them as options in the initialization above:
// javascriptKey, restAPIKey, dotNetKey, clientKey

var app = express();

// Serve static assets from the /public folder
app.use('/public', express.static(path.join(__dirname, '/public')));

// Serve the Parse API on the /parse URL prefix
var mountPath = process.env.PARSE_MOUNT || '/myapp';
app.use(mountPath, api);

// Parse Server plays nicely with the rest of your web routes
app.get('/', function(req, res) {
  res.status(200).send('I dream of being a website.  Please star the parse-server repo on GitHub!');
});

// There will be a test page available on the /test path of your server url
// Remove this before launching your app
app.get('/test', function(req, res) {
  res.sendFile(path.join(__dirname, '/public/test.html'));
});

var port = 1343;
var httpServer = require('http').createServer(app);
httpServer.listen(port, function() {
    console.log('parse-server-example running on port ' + port + '.');
});

// This will enable the Live Query real-time server
ParseServer.createLiveQueryServer(httpServer);

in Nginx:

server {
	listen 443 ssl;

	root /var/www/myurl.com/public_html;
	index index.html index.htm index.php;

	server_name myurl.com www.myurl.com;

	ssl_certificate xxxx.pem;
    ssl_certificate_key xxxx.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_dhparam xxxx.pem;
    ssl_ciphers 'xxxx';
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_stapling on;
    ssl_stapling_verify on;
    add_header Strict-Transport-Security max-age=15768000;

    location ~ /.well-known {
            allow all;
    }

	location /myapp/ {
	        proxy_set_header X-Real-IP $remote_addr;
	        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	        proxy_set_header X-NginX-Proxy true;
	        proxy_pass http://localhost:1343/myapp/;
	        proxy_ssl_session_reuse off;
	        proxy_set_header Host $http_host;
	        proxy_redirect off;
	}

	location / {
		try_files $uri $uri/ =404;
	}

	location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;

        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
	}

	location ~* \.(json)$ {
    	expires 0;
    	break;
	}

	location ~* \.(css|js)$ {
	    expires 0;
	    break;
	}
}

server {
    listen 80;
    server_name myurl.com;
    rewrite ^/(.*) https://myurl.com/$1 permanent;
}

[flovilmart]

Can your provide the invalid link?

[ckarmy]

@flovilmart yes the invalid link is: https://myurl.com/myapp/apps/XXXX/request_password_reset?token=XXXX&username=cristiankarmy%40gmail.com

[ckarmy]

@flovilmart Or you need the real link with the appId?

[ckarmy]

Anyone?

[flovilmart]

I believe I know what’s going on, let me have a look at the tests we have on that

[ckarmy]

@flovilmart Thanks!

[ckarmy]

Any news?
Thanks!

[ckarmy]

@flovilmart do you know how can I solve this?

thanks

[ckarmy]

Anyone can help me? I need to solve this!

[ckarmy]

Solved!! The error was that my appId has @# characters!