I implemented Discourse as Identity Provider a few days ago in PHP.
Now where I have a example SSO Payload from my discourse site I wonder if there is a way to check if a user has been Approved. I don’t want Users that are only registered to be able to view the data on my PHP site.
Is there a way to check for this attribute or doesn’t discourse Connect work at all for not Approved Users?
Thanks for Help
If you have enabled the must approve users setting on your Discourse site, new users will not be allowed to log into Discourse until they have been approved by a staff member. This will also prevent the new users from logging into your PHP site until they have been approved on Discourse. If your PHP site is displaying a link to allow users to login via Discourse, when an unapproved user clicks the link, they will be taken to the Discourse login page, and see a notice like this if they attempt to login:
Let me know if that doesn’t answer your question.
In case you are interested, here’s an example of the payload that is sent when an approved Discourse user attempts to login to a site via DiscourseConnect:
[admin] => false
[moderator] => false
[email] => connecttester@example.com
[external_id] => 379
[groups] => trust_level_3,trust_level_0,message_test,eurorack,trust_level_1,trust_level_2
[name] => Connect Tester
[nonce] => 690d8fb0853fd4c69bb89a5084d87f45
[return_sso_url] => http://wp-discourse.test/
[username] => connecttester
For an unapproved user, no data will be sent, because the user will not be able to get past the Discourse login page.
Yeah I am exactly getting that payload and “users must be approved” is enabled so it should be working.
Thanks for your help
If in doubt, create a test account!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.