Automatically authenticate users on nodebb using the session cookie passed in the redirect
-
Hi,
First, I apologize for my English ...
I have a web application in which users authenticate via OAuth. In the web application I have a link to redirect to NodeBB. The need is to automatically authenticate users on NodeBB using the session cookie passed in the redirect (SSO).
How can I use the plugin system to meet the need?
Thank you
-
Normally, your users will have to click the SSO login button to generate a NodeBB session. This is the default behaviour because NodeBB is a distinct app from your own.
Session sharing is possible, though fairly unexplored. I'd imagine you'll need a combination of the following:
- Cookie domain on both NodeBB and your app to be *.yourdomain.com (this is settable in the ACP, for NodeBB)
- On login to your app, have the user ping a NodeBB route to get a cookie.
- Read this cookie to grab the user's express.sid and update the session data in NodeBB's session store with the appropriate information.
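The last step above reads the user's express.sid; as an added example (not part of the original post and not NodeBB's own code), this checks the cookie's signature before the session ID is used as a key into the session store. It assumes the cookie is in the signed format express-session produces and that your app holds the same session secret as NodeBB; the function names and sample values are hypothetical.

```javascript
// Added example (not NodeBB code): verify the signed express.sid cookie
// before trusting its session ID as a key into the shared session store.
const crypto = require('crypto');

// Signature scheme used by express-session / cookie-signature:
// base64(HMAC-SHA256(secret, sid)) with trailing '=' padding removed.
function sign(sid, secret) {
  return crypto.createHmac('sha256', secret).update(sid).digest('base64').replace(/=+$/, '');
}

// Pull one cookie value out of a raw Cookie header (values are URL-encoded).
function readCookie(header, name) {
  for (const part of (header || '').split(';')) {
    const idx = part.indexOf('=');
    if (idx > 0 && part.slice(0, idx).trim() === name) {
      try { return decodeURIComponent(part.slice(idx + 1).trim()); }
      catch (e) { return null; } // malformed percent-encoding
    }
  }
  return null;
}

// Returns the session ID if the cookie is "s:<sid>.<mac>" with a valid MAC, else null.
function verifiedSessionId(cookieHeader, secret, cookieName = 'express.sid') {
  const raw = readCookie(cookieHeader, cookieName);
  if (!raw || !raw.startsWith('s:')) return null; // unsigned cookies are rejected
  const dot = raw.lastIndexOf('.');
  if (dot <= 2) return null; // no sid or no signature part
  const sid = raw.slice(2, dot);
  const given = Buffer.from(raw.slice(dot + 1));
  const expected = Buffer.from(sign(sid, secret));
  // timingSafeEqual throws on length mismatch, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  return sid;
}

// Constructed sample values, for illustration only.
const SECRET = 'constructed-demo-secret';
const SID = 'Zk3constructedSessionId';
const goodHeader = 'theme=dark; express.sid=' + encodeURIComponent('s:' + SID + '.' + sign(SID, SECRET));
// Same signature attached to a different session ID: must not verify.
const tamperedHeader = 'express.sid=' + encodeURIComponent('s:another-session-id.' + sign(SID, SECRET));

console.log(verifiedSessionId(goodHeader, SECRET));
console.log(verifiedSessionId(tamperedHeader, SECRET));
```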
-
I'm very interested in this. The lingo is foreign to me as an end user. I would like to see someone develop an SSO, say, between PencilBlue or even Ghost to NodeBB.
All are authenticating to PencilBlue or Ghost then directed to NodeBB once they go to the forum without having them register to NodeBB.
If this happens, we all will have a very powerful combo that will cater to a lot of users.
I hope NodeBB and PencilBlue are talking to each other. It's a win-win for both and for the users.
-
@julian I would like to clarify that the web application is in PHP; moreover, it is not on the same host as NodeBB. However, their domain names are the following:
I add the user access token in the cookie, but I do not think I can share the user session between the app and NodeBB.
I do not know how I can use the cookie and the access token via hooks in NodeBB.
-
@TopQuark said:
I would like to see someone develop an SSO, say, between PencilBlue or even Ghost to NodeBB.
If Ghost or PencilBlue have support for an OAuth2 provider, then this is possible.
At current there is no plugin to turn NodeBB into an OAuth2 provider, although that is an option as well.