Cool. Has not been a big issue for me (most problem accounts come from gmail, yahoo, hotmail, etc. - shells hidden w/in shells like Russian dolls) but it is an election year and I expect things to become increasingly nasty for community forum sites. Thanks for the tip. 👍
The recommended method of sharing sessions between two separate and distinct applications is through OAuth2. We recommend this approach because NodeBB maintains its own user records, so that we can keep track of user-related metrics and other data. Relying on another database would be tricky, prone to breaking, and quite possibly dangerous.
Luckily, it's quite straightforward to get things working with OAuth2!
The first step is getting your application to expose an OAuth2 endpoint. If you're running a Node.js based app, you can use a module called OAuth2orize.
Heh, evidently I stand corrected about DO and NodeBB. Used DO stuff early on (but not for NodeBB). They then became very popular and I saw significant increases in cpu usage without any commensurate increases in load. Boosted a couple droplets up a notch. Didn't do much. Spun up a virgin node and saw cpu loads into 2.x to low 3.x's just idling on my ssh connection. I bailed to a different provider and have not checked in with them in years. Maybe a scale/infrastructure growing too fast issue?
In any case, good that you can get it sorted for minimal costs. 👍