Add links to Discourse that allow users to authenticate via SSO or access private groups directly if they are logged in already

I have a WordPress Site that is the SSO provider for Discourse using the WPDiscourse plugin, the Forum is public, but it has some private groups.

When I want to add buttons that take users from my WordPress site to a private Group in Discourse I am using the SSO URL as mentioned here, so users don’t end up on the " Oops! That page doesn’t exist or is private.".

But when users have already authenticated via SSO in Discourse, and they come back and hit the same buttons they will get to the login page again, even when they’ve selected the “Remember me” checkbox during login. Ideally, they would be able to navigate to the private groups freely once they have authenticated in Discourse SSO.

Is there a better way of setting this up?
I thought about adding a code to the WP Login page and verifying if the user has already logged in in Discourse, and if so, redirect to the page in the “return_path” argument in the URL. Would that be the workaround? If so, which functions or API calls I could use to achieve it?

Thank you!

1 Like

If the users are already logged into your WordPress site, this should not be happening. Can you clarify if the users who this is happening to are logged into WordPress? If they are logged in. they are expected to be silently redirected to the Discourse URL that you have set in the return_path argument.

3 Likes

Hey @rodrigo.braga :slight_smile:

I too am a little confused. If you could confirm the following:

Setup

Wordpress is set up as the DiscourseConnect provider for Discourse following the instructions here

Scenario 1

  1. A user is on your Wordpress site and is not logged in to Wordpress
  2. The user clicks a link on Wordpress in the format https://discourse.example.com/session/sso?return_path=/g/private_group
  3. The user is prompted to login to Wordpress
  4. The user logs in to Wordpress
  5. The user is redirected to https://discourse.example.com/g/private_group
  6. The user sees private_group because they are now logged into Discourse via DiscourseConnect and they are a member of private_group.

Is that currently the case?

Scenario 2

  1. A user is on your Wordpress site and is logged in to Wordpress
  2. The user clicks a link on Wordpress in the format https://discourse.example.com/session/sso?return_path=/g/private_group
  3. The user is prompted to login to Wordpress

Is that currently the case?

3 Likes

Thanks Simon, yes the user is logged into WordPress.

The odd in my scenario is that I have one main WP site (WPSite1) that is the DiscourseConnect Provider for Discourse using WP Discourse,

Then I have a second WP Site (WPSite2) that synchronizes user database with WPSite1 using WP Remote User Synch plugin

I don’t know why it would interfere with the expected behavior you mentioned though, because when I login in on WPSite2, and then navigate to WPSite1, I am already logged in on WPSite1 as well.

But what is happening is that even after logging in on WPSite1, which is the DiscourseConnect Provider, and I click on a URL like https://discourse.example.com/session/sso?return_path=/g/private_group, it takes me to the SSO WP Login form.

1 Like

Thanks, Angus,

Scenario 2 is the case.
I will review the instructions but I believe everything is set correctly since SSO login works, the problem is that the login page doesn’t recognize that there the user is already authenticated.

1 Like

Hey @simon and @angus, thanks again, I found what was wrong.

When reviewing the DiscourseConnect configuration I noticed the DiscourseConnect URL was set to https://mydomain.org, and I looked at the recommendations on the Discourse WP plugin, and it was saying to use https://www.mydomain.org… When I updated with www, it started working as expected.

Thank you.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.