Thanks so much for the discussion.
I read the link: Use Discourse as an identity provider (SSO, DiscourseConnect) - #8 by reverend_paco
But, I think this is if I want to send my users to a secondary site and manage auth there.
In my case, I have a piece of JS that runs on the discourse site. And, I want to have that JS call into a path on the same server and get a cookie back for pocketbase.
I actually use an nginx proxy in front of discourse, and so I just added a special route /pb/auth (for example). When my JS hits that route, then a backend proxy server (that is not inside discourse) accepts that connection, and tries to decode the _t session cookie.
I was doing it this way because it seems a little easier than adding a discourse plugin (I have less familiarity with that and the dev setup, etc.). If it is a simple matter of decoding a cookie using base64 and sha hashing, I thought that would give me a secured payload for telling me who the user is.
But, if you think there is a straightforward way to build a plugin that adds this route to discourse, I’m very interested in trying that. It seems like the right way long term. But, I’m an old Perl programmer, so I prefer the lazy route, and my nginx route seemed lazier. 