Design decision for User integration
-
My project is divided in two parts:
1- My application (Let's call it X),
2- NodeBB community,
X is an application that allows users to comment, create and share "stuff" and needs to have user-specific attributes attached to it.
And NodeBB provides forum where people can discuss about "stuff".
I think the shift from X and forum should be seamless and user shouldn't be required to login again if he comes to community from X. (And vice versa).
So, my question is, how should I implement user in my application?
I hope I made some sense here. Any help would be appreciated.
-
The recommended method of sharing sessions between two separate and distinct applications is through OAuth2. We recommend this approach because NodeBB maintains its own user records, so that we can keep track of user-related metrics and other data. Relying on another database would be tricky, prone to breaking, and quite possibly dangerous.
Luckily, it's quite straightforward to get things working with OAuth2!
The first step is getting your application to expose an OAuth2 endpoint. If you're running a Node.js based app, you can use a module called OAuth2orize.
Once that is set up, you'll want to take a look at the SSO plugin skeleton for customised OAuth deployments -- nodebb-plugin-sso-oauth. You'll take this plugin, fork it, and modify it to communicate with your OAuth endpoint.
Once everything is working properly, you should be able to register and log in/out via your web app.
