We use Discourse as our community site and we have a we have an official web site .
So, we hope that discourse can be automatically logged on after user logged on our official website .
Our official website will add a cookie when user loggin and we use cookie sharing in discourse . Discourse get authorization in cookie , and get user info to login.
The code implementation is as follows：
application_controller.rb before_action :check_cookie_login def check_cookie_login if !current_user && cookies[:authorization] external_id = get_external_id cookies[:authorization] cookie_log_on_user external_id end end
current_user.rb def cookie_log_on_user(external_id) sso_record = SingleSignOnRecord.find_by(external_id: external_id) user = sso_record.user log_on_user(user) end
default_current_user_provider.rb def log_off_user(session, cookie_jar) …… cookie_jar.delete('authorization') end
I wonder if there’s anything wrong with me doing this? Is there a better way？