Syncing login status between WordPress and Discourse, Discourse SSO provider


#1

I’m using the WP Discourse plugin to connect my WordPress and Discourse sites, using Discourse as the SSO provider, I plan to disable WP login page and only rely on Discourse’s user authentication. Everything worked well except login status is not synced in WordPress. Either login or logout from Discourse, my login status in WordPress doesn’t change automatically, for log in, I have to click the Login with Discourse link (https://example.com/?discourse_sso=1). Same thing for logout, have to use WP’s logout link.

Settings in WP Discourse plugin:
Set SSO Secret Key
Checked Enable SSO Client
Checked Add Login Link
Checked Sync Existing Users by Email

Settings in Discourse:
Checked enable sso provider
Set sso secret

WP version: 4.8.1
WP Discourse plugin version: 1.4.3
Discourse version: 1.9.0.beta5

Is this the expected behavior? If so, what’s the the best way to enable login status syncing?

Thanks!


(Simon Cossar) #2

Yes, it is, but there are a couple of workarounds. You can sync logout between Discourse and WordPress by adding a URL like this to the Discourse logout_redirect setting:
http://my-wp-blog.com/?request=logout

The easiest way to get users logged in on WordPress when they visit the site from Discourse is to link to the site on Discourse with an SSO link. You can get the form of the URL by inspecting the ‘Login With Discourse’ link on your WordPress login page. It should look something like this:

<a href="http://wordpress.dev/?discourse_sso=1&redirect_to=http://wordpress.dev/">Log in with Discourse</a>

Change the value of the redirect_to parameter to get users to a specific page.

A Discourse plugin could probably be developed that would automatically sync login with WordPress. It’s not something that can be accomplished through the WP Discourse plugin.


#3

Got it. Thanks for the explanation!