Hello,
I’m trying to create a login process to discourse from my front-end app. How should I do it?
Thanks 
This is the usual solution:
If you are managing users on Discourse only then a redirect button is probably easier!
1 Like
Thanks for your reply! but can I actually open kind of iframe so they can choose how to be authenticated?
No, iframes are not supported.
You either want to manage user accounts on your parent site, then authenticate with Discourse Connect, or simply have a link to your Discourse.
You could link to the login route to prompt them immediately? /login
I can’t really understand how to use this. I mean I imagine something like a login button in my website then the user needs to choose how to be authenticated right? I mean what’s the possible flow for this scenario?
Why do you need them to login on your website? Are you managing user accounts there?
I want to be able to create posts/topics from my front end so I need them to be authenticated first. Makes sense?
OK makes some sense. Essentially you are saying: “I want to rewrite parts of the UI and just communicate via the API only”?
I don’t think you will get much free support to help you do that here, but take a look at:
https://meta.discourse.org/t/help-with-authenticating-user-via-api/178355/2?u=merefield
There are existing efforts to do this, particularly via app, you might want to research them, e.g.:
There was also Fig, but it’s not yet open source:
But note the extremely high level of up front development and maintenance these kinds of solutions require. I believe the best two examples have been abandoned (?)
Alternatively consider building your website as a Discourse instance entirely (via plugins and theme components) to avoid having to rewrite many elements of the UI.
1 Like
I’m using Discourse as my identity provider and it has been working great, you can use it to create a “Login” link on your website which will take your user to your Discourse instance and, if they’re already logged in or after completing the login flow, the user will be redirected to the return_sso_url you added to the payload, with the user credentials and info. This return_sso_url can be a route on your website that stores the authenticated session the way you prefer (like a session cookie) once it receives Discourse’s payload.
3 Likes
FWIW, Lexicon is not abandoned and is still under active development.
@Roie_Natan if you are familiar with Javascript, you could look at Lexicon’s source code to see how it was accomplished.
However as @merefield pointed out there are existing posts that could help you along in figuring it out.
Here is one resource talking about user sessions: Storing extra data about a user's session - #3 by sam
And you might also find the auth flow from @pmusaraj’s app useful:
3 Likes
That’s great! Thanks for the correction.