@KingCat said:
I'm actually dealing with this right now. I went through the trouble of creating an OAuth2 API server and customized the nodebb-plugin-sso-oauth plugin to work with it. However, this is quite a bit of overkill just to have my site users authenticated with the forum. Both the forum and the main site sit on the same server; there's no reason NodeBB couldn't authenticate against the same database or share the session.
The points raised here about using the API to authenticate with NodeBB simultaneously while logging into the main site are intriguing and will require additional research.
**Ideally I'd like to have my users visit the forum page and seamlessly be logged in without any additional clicks or page visits on their part. I don't see the need for an intermediary "Do you authorize this site?" page.**
Also, and this is to the devs. It's a little disheartening to see you say "use oauth" every time someone has a question about application integration. OAuth is extremely complex and is like using a flamethrower to light your blunt. It shouldn't have to be that hard, especially if the only authentication integration the site owner is doing is with this forum. Why should I have to create an entire additional API system just to support single sign-on? This is not a service I'm providing to my users for other sites. It's not like they're going to visit some other page and try to log in with credentials from my site. I'm not Twitter/Facebook/Google, etc.
There's got to be a better way.
For me this is the key point. It would be great if the forum feels like the actual site. One login -> site + forum access.
I'm expecting to have some time to test the OAuth2 approach to integrate NodeBB with a WordPress site, but I'm concerned about whether this approach is transparent for the user at the time of login at the forum, because I don't really like an intermediary page in order to log in to the forum. As I said, it would be great to have a solution to integrate it, with 1 login, so that it feels like the forum is part of the site.
One example of what I'm trying to say can be seen on the Qt site. You sign in to the site, but if you go to the forums, you have to log in again, using the OAuth approach.
It would be great if this could be simplified, to make only 1 login for both.