How would one control logout/login with SSO?

(Jeff Willette) #1

I have discourse running on a subdomain and I have 4 cases that need to be taken care of for seamless login/logout from both domains… I have been reading all I can on here but I am unsure about the proper approach to take…So I thought it would be best to ask for some help from someone more experienced with the app…

1. (solved with SSO) User clicks login from discourse, is routed to main domain login page

2. User clicks logout from discourse (I have set logout redirect to my main domain logout page but it requires a post request and the user to click another button to logout which leaves things fragmented)

  • option 1: Make custom javascript in the customize section to post to the proper URL (csrf cookies shared on my subdomain) unfortunately I cannot get this to work as I cannot select the logout link with jquery because it is inserted by other javascript (it seems)
  • option 2: delete the cookie that is shared from the main domain, unfortunately I also need to bind this option with the logout event and I cannot do that because of the stated javascript problems in option 1

3. (Solved) User clicks login from the main domain, they should be auto-logged into discourse so they do not have to click login or avatar

  • make my main domain hit the sso url when a login occurs or only when the user decides to navigate to the forum?

4. (Solved) User clicks logout from the main domain, they should also be logged out from discourse

  • my site needs to hit /admin/users/{user_id}/logout be POSTed to from the main domain to log someone out?

(Jeff Willette) #2

I have been able to solve every situation except for number 2…