Community

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Account destroyed upon signing in with second OAuth provider

General Discussion

2 Posts 2 Posters 34 Views

K Offline

K Offline
Kelbin Michal
wrote last edited by

#1

I created an account already, but it was just destroyed when I signed in via Github. I had already signed in using Google, did it malfunction?
J 1 Reply Last reply
0
J Offline

J Offline
julian GNU/Linux
replied to Kelbin Michal last edited by

#2

@Kelbin-Michal Was this here? Which two accounts were you referring to?
1 Reply Last reply
0

Suggested Topics

O

Spam registration, moderated account with unverified email: how to avoid?
Scheduled Pinned Locked Moved General Discussion

0 Votes

2 Posts

81 Views

P

The best way to avoid this is to leverage the post queue. Sadly, spammers always find creative ways to bypass filters, but the post queue will stop them dead.
S

What's the best strategy to integrate nodeBB with another account system?
Scheduled Pinned Locked Moved General Discussion

0 Votes

5 Posts

427 Views

J

@Samson-Liu to expand on @PitaJ's reply:

The recommended method of sharing sessions between two separate and distinct applications is through OAuth2. We recommend this approach because NodeBB maintains its own user records, so that we can keep track of user-related metrics and other data. Relying on another database would be tricky, prone to breaking, and quite possibly dangerous.

Luckily, it's quite straightforward to get things working with OAuth2!

The first step is getting your application to expose an OAuth2 endpoint. If you're running a Node.js based app, you can use a module called OAuth2orize.

Once that is set up, you'll want to take a look at the SSO plugin skeleton for customised OAuth deployments -- nodebb-plugin-sso-oauth. You'll take this plugin, fork it, and modify it to communicate with your OAuth endpoint.

Once everything is working properly, you should be able to register and log in/out via your web app.
S

Is Single-Sign-On disassociation possible?
Scheduled Pinned Locked Moved General Discussion

1 Votes

7 Posts

1464 Views

J

Ah, you're right... it doesn't look like we support disassociation. Could be something we can add...

https://github.com/NodeBB/NodeBB/issues/5955
B

Is it possible to use OAuth to automatically log in to NodeBB if already logged in on the OAuth serving site?
Scheduled Pinned Locked Moved General Discussion

0 Votes

2 Posts

1281 Views

J

Possible through session sharing... if the cookies both have the same secret...
E

Get a NodeBB cloud instance in less than 30 seconds.
Scheduled Pinned Locked Moved General Discussion

3 Votes

2 Posts

949 Views

J

Nice @enriquec ! Awesome to see cloud providers step up and support apps like ours.

Back in the day when WordPress came out, php wasn't supported on web hosts, and they were instrumental in making it the norm. Let's hope we can do our part to make Node apps first-class citizens on web hosts too 😄

Community

Account destroyed upon signing in with second OAuth provider

Suggested Topics

Spam registration, moderated account with unverified email: how to avoid?

What's the best strategy to integrate nodeBB with another account system?

Is Single-Sign-On disassociation possible?

Is it possible to use OAuth to automatically log in to NodeBB if already logged in on the OAuth serving site?

Get a NodeBB cloud instance in less than 30 seconds.