Does NodeBB provide support for a user database other than the one it builds in mongo? How would I integrate NodeBB with Keycloak?

David Sargrad

I see.. You are too good!

SO the @ in the handle is problematic?

julian

Yeah, I'm not immediately certain why @ was omitted, but this is an excerpt of the expression that defines what characters are allowed:

'" \-+.*[\]0-9\u00BF-\u1FFF\u2C00-\uD7FF\w

Some symbols, numbers, letters, and select unicode ranges. Gone are the days when the expression used to be ^\w+$

David Sargrad

I see.. Now to see if Keycloak allows me to modify that.. I'd assume so.

David Sargrad

any idea why the console.log didnt actually go to the console? odd .. since the code seems to be there.

julian

No clue... but if the breakpoint works, then just use that. console.log debugging is for simpletons like myself anyway right

It's like bringing a club to a gun fight.

David Sargrad

Heh.. yea.. i love to single step debug when its an option.. gives quick insights into code design

David Sargrad

@julian Success!! I logged in with a new account: handle poodle

Works with keycloak so far!!

David Sargrad

What defines this convention? Is this an OAuth2 convention on the handle restriction?

'" -+.*[]0-9\u00BF-\u1FFF\u2C00-\uD7FF\w

julian

Nope, it's NodeBB specific based on what we've seen and decided to allow over time.

David Sargrad

I see.. well awesome Julian.. so far so good.

David Sargrad

Now that I've verified that a user registered in Keycloak can login to nodebb properly, what API call can I make to automatically log that user in, when that user successfully logs in to our application?

julian

Hmm, easiest would just be a custom bit of js to check app.user and redirect them to the appropriate /auth/keycloak endpoint if it is null.

It would mean guests get redirected too though.

julian

The thing about SSO is that it's being used as an authenticator (or is it an authorizer? I always get them confused). So we can't really automatically log the user in because we don't know they're logged in on your end.

However, something custom could be built, whereby if we detect a specific cookie, then the redirection happens? That'd be outside the scope of the plugin, however.

David Sargrad

@julian i've discussed the limitation that says @ is not a proper username character with my team. We literally have requirements from our customer that say an email address must be a username. Would you guys be open to implementing a change, and allowing @? We are hoping that you see this as a sensible nodebb modification.

julian

Discussing internally, but to my knowledge there no explicit reason @ was excluded, so including it should not be an issue.

David Sargrad

@julian Ty! It would be great to add support for usernames that are email addresses. In retrospect this is actually a fairly common practice.

julian

@David-Sargrad as it turns out it's likely more difficult than just a single change. It would likely conflict with the mentions plugin.

It's possible you could just adjust the regular expression locally until we are able to add this in for you.

Edit: it may conflict, we don't know

David Sargrad

Hi @julian We have a bit of time in our schedule.. If we know that you are working to address this, then awesome..
Would you like me to generate an issue on the issue database? That way we can track resolution.

David Sargrad

@julian Perhaps I'll go ahead and write the issue on the login id, that way you guys can disposition it in your planned workflow.

julian

Yes thank you