调试并修复常见的 DiscourseConnect 问题

文档 集成
, ,
1

作为使用 DiscourseConnect 的论坛管理员,您可能会偶尔收到用户报告,称他们在尝试登录论坛时看到错误消息。例如:“您的账户存在问题。请联系网站管理员。”

20%20AM
20%20AM540×202 10.9 KB

启用详细的 DiscourseConnect 日志记录

要调试此问题,首先需要启用 Discourse 上的“详细 DiscourseConnect 日志记录”(verbose discourse connect logging)站点设置。如果此前已启用该设置,您可以直接前往 Admin/Logs/Error Logs 查看站点日志。如果此前未启用该设置,您需要请用户再次尝试登录,以便生成其登录失败尝试的日志条目。

读取日志条目

前往 Admin/Logs/Error Logs,查找以 Verbose SSO log: Record was invalid 开头的最近日志条目。如果您难以找到该条目,请在日志页面底部的搜索框中输入“Record was invalid”。点击该日志条目,然后点击日志工具栏上的“info”选项卡:

image
image2458×1318 249 KB

您需要的信息包括日志条目中给出的原因(reason),以及 info 部分中显示的 emailexternal_id

解决 require_activation 导致的 DiscourseConnect 登录问题

SSO 登录的一个常见问题是:Record was invalid: User {:primary_email=>"has already been taken"}

当 SSO 负载中的 require_activation 参数设置为 true,且用户在 Discourse 上已存在账户,但该账户尚未关联 single_sign_on_record,或者虽已关联 single_sign_on_record 但其 external_id 与尝试登录用户的 external_id 不匹配时,就会出现此问题。

要确认这一点,请进入您论坛的 Rails 控制台,搜索使用失败 SSO 登录尝试中邮箱地址的用户:

u = User.find_by_email('sally@example.com')

接下来,检查该用户是否存在 single_sign_on_record

sso_record = u.single_sign_on_record

如果用户存在于您的论坛中,但没有 SSO 记录,您可以使用 SSO 日志中的值为其创建一条记录:

SingleSignOnRecord.create!(user_id: 2, external_id: 2, external_email: 'sally@example.com', last_payload: '')

现在该用户应该能够登录了。

如果该用户已存在 SSO 记录,但其 external_id 与失败登录尝试中的 external_id 不匹配,您需要调查导致此问题的原因。一种可能的情况是:用户的账户在 SSO 提供商站点上被删除后又被重新创建。在这种情况下,您可以更新 SSO 记录以使用新的 external_id

sso_record.external_id = <failed-sso-login-record-external_id>
sso_record.save!

现在该用户应该能够登录了。

如果您使用的是 WP Discourse 插件并遇到上述问题,请参阅 https://meta.discourse.org/t/how-to-validate-email-addresses-with-the-wp-discourse-plugin/130085,了解如何在无需访问 Rails 控制台的情况下解决该问题的详细信息。

17 个赞
Login error, possibly related to Wordpress SSO (for single user)
Users unable to login using Wordpress SSO
SSO to Joomla site
Delete sso with api
Trouble with wp-discourse logins
Configure single sign-on (SSO) with WP Discourse and DiscourseConnect
Can't log in from PC or Android browser, but could from "App"
Basic forum access/integration with Wordpress site
Use Discourse Connect with Wordpress and regular login
DiscourseConnect Provider Questions
"Login error" page during the login attempt by existing user previously added through SSO
Validate Email Addresses with the WP Discourse plugin
Setup DiscourseConnect - Official Single-Sign-On for Discourse (sso)
Wp-discourse getting odd data from wp - debug help?
Merging existing Discourse and WP user lists
Discourse DB Error When Creating New Users via SSO Login
Conflicting email addresses, giving admins more power to resolve issues
2

I wasn’t sure how to enter the Rails console, but found the answer over here and thought I’d publish for anyone else who doesn’t know how to get into the Rails console.

  1. SSH into your site
  2. Login as root user then do the following:
  3. sudo -s
  4. cd /var/discourse/
  5. ls
  6. ./launcher enter app
  7. rails c

That should get you into the Rails console!

3 个赞
3

I was doing this and it was not working, but I finally got it to work when I replaced this:

sso_record.external_id = <failed-sso-login-record-external_id>

with this:

sso_record.external_id = 91

Where “91” was the external_id of the user who was unable to login.

Thanks so much for this helpful discussion @simon! :raised_hands:

4

Yes, <failed-sso-login-record-external_id> is meant to be replaced with the external_id from the log entry.

2 个赞
5

:man_facepalming: I was trying it with the " < > " and it wasn’t working, of course ツ

6

Is there an easy way to reset the SSO ties for specific accounts with the Rails console? I have a couple admin accounts that are tied to different WP accounts than I would like because originally the email addresses didn’t match properly. Can I manually set them to be tied to a different WP account?

7

You can find the user’s WordPress ID by going to their user page from the WordPress dashboard. The user’s ID will be displayed in the address bar of your browser as the value of the user_id query parameter.

Once you have the user’s WordPress ID, you can update their SSO record on Discourse following the steps outlined for updating the external_id at the end of the ‘Solving require_activation SSO login issues’ section of my original post. You need to be careful with this though - especially with admin accounts.

3 个赞
Occasional help
8

Hi, we tried these solutions but nothing worked… External id were the same and SSO is active. Do you have other solution please? I’m lost :frowning:

9

Is the problem with SSO login for a particular user, or is SSO not working at all on your site?

10

only for a particular user

11

Make sure you have enabled the verbose sso logging site setting. If you have done that, are you able to find the error in your site’s logs when the user attempts to login? If you can share the error log here, we may be able to help. If there is data in the log that you don’t want to make public, you can send it to me in a PM.

2 个赞
12

Does this help you? It is what you need?

It is the detail of the Log for member concerned by the situation (or at least, the only one that reported this problem)

Thank you so much!

image
image.png875×385 20.5 KB

1 个赞
13

Thanks, that helps. It looks like your SSO provider site is a WordPress site. Are you using the WP Discourse plugin for SSO? If so, and you are using the latest version of the plugin, try going to the user’s profile page and checking the ‘Email Address Verified’ checkbox. Then be sure to click the Save button. After doing this, have the user try logging in again.

image
image.png1208×384 26.7 KB

If you are not using the WP Discourse plugin, we will need to give you more detailed instructions to fix the issue.

4 个赞
14

You’re right, I’m using WordPress and I made the change, I will ask user to try again, thank you so much!! :smiley:

1 个赞
16

It worked! Yeah! :smile: Thank you!

5 个赞