Redirecionamento Omniauth JWT

Depois disso, consegui configurar o SSO com JWT.

Com a biblioteca discourse-omniauth-jwt, não tenho certeza de como redirecionar os usuários após o login.

Quando um usuário faz login no meu site, obtenho o JWT e também o loga no Discourse imediatamente. Ao final desse fluxo, ele acaba no site do Discourse em vez de retornar ao meu site.

Tentei verificar os métodos de redirecionamento da biblioteca omniauth, que incluem o parâmetro origin e o cookie destination_url desta fonte. Nenhum deles parece funcionar.

Talvez @eviltrout possa esclarecer isso.

EDIT: Acabei de perceber que estive olhando para duas bibliotecas diferentes: omniauth e os callbacks omniauth do Discourse. De qualquer forma, ainda não tenho certeza de como fazer isso funcionar.

So the issue here is:

1. a user logs into your site
2. you redirect them to discourse to log in there
3. they end up logged in at discourse?

I don’t think this is a supported path. In general, a user would be on discourse, click login, visit your site for auth and be redirected back. If a user logs in directly on your site, they should stay on your site.

Typically how we do this is keep Discourse logged out, but when they click “Login” it’ll redirect back without having to fill out the authentication form again.

Hmm right makes sense. Logging in doesn’t do much now that I think about it since the embed can’t make use of the auth session.

So, the embeds do make use of the auth session (or the session cookie) to show or hide private discourse topics.

This auth flow does make sense, but for starters, I’m going to redirect people to the discourse forum for login on a new tab. They will be able to access private topics after a refresh.