I’m implementing a strategy to synchronize sessions between Discourse and another rails application.
What I’m doing works. BUT I’m sure I’m violating several best-practices and missing some key optimizations. Anybody want to look at what I did and tell me where I’m going wrong?
I’m creating a new CurrentUserProvider that is heavily influenced by the default one that ships with Discourse. This provider checks for a shared domain cookie, and looks that cookie up in Redis. If a logged in user’s data is returned from Redis then that user is either registered or signed in using the SSO methods.
Any feedback is appreciated!