Integrate JWT authentication & Authorization
-
Hi everyone, hope you are doing great. I'm working with a client and he has a website having a custom implementation of JWT authentication and authorization. He wants me to integrate NodeBB with a website containing the SSO feature. I tried plugins but none is helpful. So I finally decided to change the NodeBB auth mechanism with my custom logic in order to make the SSO feature successful.
But right now I can see there are a lot of things depending upon sessions and I wasn't able to integrate JWT successfully.
So can anyone suggest to me how I can integrate JWT without making a lot of existing changes (if I do, it will break many things)? Thanks in advance.
-
@julian thanks for the quick reply. Yes, I have found this package and understand now how it works, but one problem: it works only for the master branch code. In the 2.x branch, we can't save plugin session information.
So I cloned the master branch code and deployed it. But the master branch code has an issue while running the "./nodebb build" cmd.
Issue: "Module not found: Error: Can't resolve 'persona/quickreply' in <your-system-path/build/public>" Can you help me resolve this issue, or is there any way I can use this plugin using the 2.x branch?
-
@Irfan-Babar said in Integrate JWT authentication & Authorization:
issue: "Module not found: Error: Can't resolve 'persona/quickreply' in <your-system-path/build/public>"
This error is unrelated to the session-sharing plugin, it doesn't have anything to do with persona/quickreply. I take it to mean that you are running the 2.x branch of NodeBB? In that case, you also have to install an older version of the Persona theme, v12.1.2.
-
@julian You were right, it was not related to NodeBB. I have integrated this plugin with NodeBB "master" (which I don't prefer, by the way) and now it works.
Issues
- One issue I'm getting is that in the plugin it is mentioned that if you have a subdomain for the forum and you need to share a cookie from the main domain to the subdomain, you have to set the domain property of the cookie to your main domain, i.e. "example.com". But when I set the domain property in the session sharing's settings to "example.com" and put a valid cookie with the main domain for forum.example.com, it doesn't log in my user, but if I change it to forum.example.com it works.
- Once logged in, if I remove the token, it won't log out, and if I click logout instead, it won't remove the token. In both ways, I can't log out once logged in.
-
We have the same setup with NodeBB running on a subdomain. You have to set up the cookie with a period before the domain name.
For example, if your domain is "example.com" and NodeBB is running on "nodebb.example.com", you can set the cookie "_cookiename" as
document.cookie = `_cookiename=${token}; domain=.example.com; expires=Sun, 1 Jan 2033 00:00:00 UTC; path=/`
and you can expire it as
document.cookie = `_cookiename=${token}; domain=.example.com; expires=Sun, 1 Jan 1970 00:00:00 UTC; path=/`
-
Got it, I will try this. Thanks.
-
@razibal said in Integrate JWT authentication & Authorization:
You have to set up the cookie with a period before the domain name
Frankly this is a surprise for me — I always thought the period prefix was deprecated (but still supported). TIL...
-
@julian said in Integrate JWT authentication & Authorization:
Frankly this is a surprise for me — I always thought the period prefix was deprecated (but still supported). TIL...
You are quite correct, in theory this should no longer matter. However, we encountered issues when updating existing cookies for logging out when the cookie did not have the period prefix.
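
The cookie scoping and logout behaviour discussed in this thread, as an added example that is not part of any post above and is not NodeBB or session-sharing plugin code. It is a minimal model of the RFC 6265 storage rules (sections 5.2.3, 5.3 and 5.4), assuming every cookie uses path "/" and skipping the public-suffix check; the `CookieJar` class and the sample token value are constructed for illustration.

```javascript
// Minimal model of RFC 6265 cookie storage. Assumptions: path is always "/",
// no public-suffix check, hosts are names (not IP addresses).

// Domain-match per RFC 6265 section 5.1.3.
function domainMatch(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

class CookieJar {
  constructor() { this.store = new Map(); } // key: name|domain|path

  // host is the site setting the cookie; attrs: { domain?, expired? }.
  set(host, name, value, attrs = {}) {
    let domain = host, hostOnly = true;
    if (attrs.domain) {
      // Section 5.2.3: a leading "." is dropped from the Domain attribute.
      const d = attrs.domain.replace(/^\./, "").toLowerCase();
      if (!domainMatch(host, d)) return false; // rejected: host is outside that domain
      domain = d; hostOnly = false;
    }
    const key = `${name}|${domain}|/`;
    // A past expiry only evicts the entry with the same name, domain and path.
    if (attrs.expired) return this.store.delete(key);
    this.store.set(key, { name, value, domain, hostOnly });
    return true;
  }

  // Names of the cookies that would be attached to a request for `host`.
  sentTo(host) {
    return [...this.store.values()]
      .filter(c => (c.hostOnly ? host === c.domain : domainMatch(host, c.domain)))
      .map(c => c.name);
  }
}

function demo() {
  const jar = new CookieJar();
  // Main site sets the token for the whole domain (constructed sample value).
  jar.set("example.com", "_cookiename", "TOKEN", { domain: ".example.com" });
  const shared = jar.sentTo("forum.example.com");
  // Expiring without a Domain attribute targets a host-only cookie instead.
  const removedHostOnly = jar.set("forum.example.com", "_cookiename", "", { expired: true });
  const stillSent = jar.sentTo("forum.example.com");
  // Expiring with the same Domain value the cookie was stored under removes it.
  const removedDomain = jar.set("forum.example.com", "_cookiename", "",
    { domain: "example.com", expired: true });
  return { shared, removedHostOnly, stillSent, removedDomain, after: jar.sentTo("forum.example.com") };
}
```

In this model a logout only clears the token when the expiring `Set-Cookie` or `document.cookie` write uses the same name, Domain and path that the cookie was stored under.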