Using custom authentication

Hey everyone :wave:,

Currently trying to integrate with our own website’s cookie-based authentication. We have a callback URL that we typically pass various parameters to authenticate users - however we’re experiencing trouble trying to authenticate users in Discourse in the same way.

I’ve been playing around with (https://github.com/discourse/discourse-oauth2-basic) but it’s proving difficult to integrate with our setup.

Is there any way to configure how Discourse authenticates users so we can use our own methods? Happy to supply any supplementary information or code if needed, any advice is appreciated!

Hi, welcome to Meta! :grinning:

This varies a lot depending on how you created your authentication system.

Could you explain how it works or pass a URL to your site?

Hey Alexander - the way it currently works is as follows:

  1. The user enters an email, receives a magic link with various URL parameters (user id, timestamp, hash w. secret for authenticating session) that leads to a callback URL on our end.
  2. After the callback function authenticates the user, a cookie is created and a session is created in the database.

It’s a relatively straightforward setup, but not super compatible with OAuth2 plugins.

Hi @cb-candor, how did you solve this? We’re pursuing an identical use case. Alternatively, @Alexander, able to provide any advice?