Telegram Passport login SSO

@julian @exodo Hey guys. I started to look into this. I came across the following in the "passport-telegram-official" strategy.js file

/**
* `TelegramStrategy` constructor.
* 
* The Telegram authentication strategy authenticates requests by delegating to Telegram using their protocol: https://core.telegram.org/widgets/login
* 
* Applications must supply a `verify` callback which accepts an `account` object, and then calls `done` callback sypplying a `user`, which should be set to `false` if the credentials are not valid.  If an exception occurred, `error` should be set.
 *
* More info here: https://core.telegram.org/widgets/login

This tells me that it doesn't use the OAuth 2.0 protocol. Do you have any ideas on strategies to implement this?

@george_i
I'm not too sure about how to set up cloudflare.
I use NameCheap for DNS services. I'm using CNAME records.
I only have a single domain configured.

Have you attempted one domain at a time?

@george_i
That seems odd that it is missing.
I followed the Heroku walkthrough with success.
I had problems with Heroku's ephemeral filesystem. I had to install and build and commit plugins locally, then push the commit to Heroku. The filesystem resets to the latest commit everytime the dyno restarts.

What size dyno are you using?

@PitaJ
Is it possible that that field can go missing? I'm new to NodeBB. Do all documents in the Mongo database have a schema?

@george_i,
I had similar issues when switching between local and Heroku environments.

Not only should you change the config.json value, you should try changing the cookie value in the config object in the database. Here is the mongodb query:

db.getCollection('objects').find({'_key': 'config'})

In there you will find a property called "cookieDomain".
It's value should be "" if localhost, or ".yourdomain.com" when on Heroku using a custom domain.

@julian Thanks for your thoughts on the solution. I'm still thinking about the the appropriate user experience, but easy has a nice ring to it!

I'm still learning about the inner workings of Nodebb. I found the autogenerated list of hooks and I'm curious if you think one of the following hooks would be most appropriate for the plugin I described:
filter:user.updateProfile
action:user.updateProfile

@julian, @PitaJ, @baris
I built a single sign-on app for my multi-forum use case. Thanks for the help! I'm going to clean it up and share it soon.

Quick question. I'm sure many of my forum users will attempt to update their profile in the forum software, Is there a hook that fires when the profile information is updated? I'd like to create a plugin that updates my SSO database.

@julian, @PitaJ , @baris ,
Could you briefly explain what is meant by

• "using a third party OAuth provider as the central point",

in combination with the information from
https://github.com/julianlam/nodebb-plugin-session-sharing

• "When a user logs in, you'll need to save a cookie in their browser session for NodeBB. This cookie needs to have a couple special attributes: . . ."

Are you saying the best process is to create another app for managing user login?

Would you discourage development (if it's possible) of a NodeBB plugin with the ability to create the necessary cookie to log into other NodeBB instances?

I'm going to document my experience adding the session sharing plugin to nodebb here, in case it will help others. My forum is deployed to Heroku and Initially NodeBB crashed when trying to install the plugin.

1. npm i nodebb-plugin-session-sharing
2. git add *
3. git commit
4. git push -u heroku master
5. In the ACP find Plugins > Install Plugins > nodebb-plugin-session-sharing click activate
6. Click Rebuild and Restart Forum
7. App crashed

I reverted to the previous good commit. I upgraded NodeBB, then tried to install the plugin again, with success.

1. git reset --hard <last good commit> (know what you are doing before you use "reset --hard")
2. npm i nodebb-plugin-session-sharing
3. ./nodebb upgrade
4. git add *
5. git commit
6. git push -u heroku master
7. In the ACP find Plugins > Install Plugins > nodebb-plugin-session-sharing click activate
8. Click Rebuild and Restart Forum
9. Reload the page when the Rebuild and Reset is done.
10. Find Plugins > Session Sharing

@julian @PitaJ @arsdragonfly

I'm investigating the session sharing plugin to share a session between multiple nodebb forums. Say a user creates an account in Forum A they then hop over to Forum B and are logged in via session sharing. Will the user always have to log in to Forum A before they visit Forum B? Could a solution be to have a "universal" sign-on page that sits in front of the forums?

This will prevent users without the proper group membership from accessing the category and downloading the file. It will also ensure that the download can only happen from my site. In this way, if a user's membership status is changed, then he wouldn't be able to access the file by accessing the S3 object url.

I hope some of you can accelerate my dev cycle by pointing me in the right direction. I'm looking to add a feature where a user can upload a file, similar to the existing nodebb-plugin-s3-uploads-updated. However, instead of the public S3 upload and link, it should be uploaded with private permissions and a download button that creates a presigned get request. See images below:

before:

after:

@PitaJ I just started with VS Code, thanks for the motivation to try something new.

Thanks @PitaJ ! I use Atom and Sublime Text2. Any suggestions for debugging?

@PitaJ are these instructions still accurate?

It's been 12 hours, since I downgraded to a previous commit with only Mongo mLab configured. I have not experienced issues yet.

What is the recommended method to install plugins?

Is there a way to persist uploaded images and files on Heroku?

I have nodebb running in Heroku with mLab Mongodb, AWS S3 for files, Imgur for images, and Mailgun. I'm experiencing some issues with it's stability.

In the Heroku event log I'm seeing some critical errors:
H12 Request timeout
H13 Connection closed without response

Eventually the app stops responding and I need to restart the dynos.

Any suggestions? I'm thinking about starting over and testing the system and its response to each plugin more thoroughly.