Best way to config discourse sso with a SPA app (using vuejs)


(Best In Slot) #1

I have it set up as follows:

  • I’m using a vuejs front end, with a nodejs backend.

  • The front end is being served by nginx, while the backend is in a docker container. There is no server side rendering going on.

  • I have my front end working as a sort of “proxy” to the back end when it comes to getting the credentials needed to sign into discourse. The reason is because I only want authenticated users to be able to log in to the forum. I do a check to make sure they’re authenticated on the SPA, and proxy the payload and sig to the back end.

  • User is not logged in, clicks on forum link, gets sent to forum (forum.domain.com), clicks on sign in link, gets redirected back to my SPA (www.domain.com).

  • If user is already signed in, the forum link changes to the sso endpoint. When the user clicks on the SPA forum link (while signed in), they get redirected to forum to get the payload and signature.

  • It then redirects them back to the SPA again which proxies the payload and signature to the back end with a post request.

  • I get back a response from the backend which redirects me AGAIN to the forum with the proper credentials.

All in all two redirects are happening. The initial redirect which hits the endpoint on the forum, which then redirects to the SSO endpoint on my SPA and which waits for a response from the back end with the credentials and then a redirect to the forum.

It’s a little convoluted, and I’m wondering if there is a better way to do this. I don’t have discourse set up to interact with my api directly; everything is going through the front end due to authentication (I also do a check on the back end to make sure the user is in fact authenticated). I’m using a JWT to authenticate.
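
The backend step described in the post above, as an added example that is not part of the original thread or of Discourse's code: verify the payload and sig the SPA proxied, then sign the response for the redirect back to the forum. It follows Discourse's SSO scheme (hex HMAC-SHA256 over the base64 payload); the function names, the `user` shape, the secret and the sample request are assumptions constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Hex HMAC-SHA256 over the base64 payload string, keyed with the shared SSO secret.
const sign = (payload, secret) =>
  crypto.createHmac('sha256', secret).update(payload).digest('hex');

// Check the payload/sig pair the SPA proxied to the backend; return its fields.
function verifyRequest(sso, sig, secret) {
  const expected = Buffer.from(sign(sso, secret), 'hex');
  const given = Buffer.from(String(sig), 'hex');
  // Constant-time compare; a length mismatch also covers missing or non-hex input.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad SSO signature');
  }
  const params = new URLSearchParams(Buffer.from(sso, 'base64').toString('utf8'));
  const nonce = params.get('nonce');
  const returnUrl = params.get('return_sso_url');
  if (!nonce || !returnUrl) throw new Error('malformed SSO payload');
  return { nonce, returnUrl };
}

// Build the redirect back to the forum for a user the backend has already
// authenticated (for example by validating the JWT). `user` is a hypothetical shape.
function buildRedirect(request, user, secret, forumOrigin) {
  const target = new URL(request.returnUrl);
  if (target.origin !== forumOrigin) throw new Error('unexpected return_sso_url');
  const fields = new URLSearchParams({
    nonce: request.nonce, // echoed back so Discourse can match the login attempt
    external_id: String(user.id),
    email: user.email,
    username: user.username,
  });
  const payload = Buffer.from(fields.toString()).toString('base64');
  target.searchParams.set('sso', payload);
  target.searchParams.set('sig', sign(payload, secret));
  return target.toString();
}

// Constructed sample input: a request as the forum would send it, made-up secret.
const SECRET = 'constructed-demo-secret';
const sampleSso = Buffer.from(
  'nonce=abc123&return_sso_url=https%3A%2F%2Fforum.domain.com%2Fsession%2Fsso_login'
).toString('base64');
const sampleSig = sign(sampleSso, SECRET);
const redirect = buildRedirect(verifyRequest(sampleSso, sampleSig, SECRET),
  { id: 42, email: 'user@example.com', username: 'demo' }, SECRET, 'https://forum.domain.com');
console.log(redirect);
```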


(Rafael dos Santos Silva) #2

(Best In Slot) #3

How exactly does this work with SSO? Does it hand off the jwt token generated from my site to discourse?