I am currently trying to bring Auth0 authentication to my Discourse app. I essentially followed the workflow here and I get things running.
However, I am not quite happy with it for several reasons:
After clicking on sign in/up, there is only a button "with Auth0β. I want there Auth0 login/sign up panel the only thing that shows up after clicking sign in/up at the top of the Discourse page.
After authentication with Auth0, people should not have to create a new user, instead it should all be fine because of Auth0.
E-mail authentication should be or should have been handled via Auth0, not via Discourse.
If you already have logged in via Auth0 in that browser, possibly with the same app from Auth0, in another module of our platform, then you should be automatically logged in.
There should still be the possibility to login as the admin user, as this might turn out to be more challenging after implementing point no. 1.
Could you help me to setup everything or at least parts of it?
I believe you can check this setting in discourse auth_overrides_email for this.
And you can use this sight setting for this: auth_skip_create_confirm
When signing up via external auth, skip the create account popup. Best used alongside auth_overrides_email, auth_overrides_username and auth_overrides_name.
There is also the auth_immediately setting which might do what you are after as well:
Automatically redirect to the external login system without user interaction. This only takes effect when login_required is true, and there is only one external authentication method
Try disabling the enable local logins settings. This should remove the ability to login leaving your users only the option of logging in with OAuth2.
I would recommend doing this this in a separate browser session though. That way you can revert any changes you make if you have configuration problems without losing the ability to login.
Hello @blake
Thanks for the insights. I have made some progress but unfortunately there is still a slight problem with login. Whenever I hit the login button, correct information for the user is fetched from auth0, but discourse still tries to create an account.
I am taken to a Welcome, lets create your account screen with an error that says Primary email has already been taken error.
Love this plugin. I notice when I sign out, it does sign me out out Discourse. But when I click sign in⦠it immediately signs me back in (without going to Auth0). I allowed the logout URI in my Auth0 App, but it looks like https://AUTH0_DOMAIN/v2/logout never gets called from this plugin. Who maintains this? Can this be added?