Would It Be Possible To Implement A Non OAuth Login Scheme

I’m wondering if it would be possible to implement Steve Gibson’s SQRL into my forum without having to bridge it to OAuth.

Yeah nothing is locked to OAuth, an SQRL implementation is feasible using our current interfaces.

The QR code generation may require a fair bit of custom code client side, and the notification logic so all the magic works.

I would say this is reasonably high complexity work given you will be starting from a blank slate with a spec only.

1 Like

Sam, we’re a web3 project on Solana, and want to use Discourse as the community board for our dao. Users id is tied to a blockchain wallet address, and we’d like to either pass-through authentication from our site or allow users to login using their wallets direct.

Can you provide any guidance on the best way to explore these options? We have web developers internally, but not Ruby, so we can discuss for hire partnership as well.

You’ll need to write something on your site that will provide the protocol discourse-connect protocol (which would mean that you didn’t have to develop anything in Discourse and it could work with discourse-core). Or, you could conceivably write a custom plugin in discourse that would authenticate against the wallet.
You can look at some of the other recently updated authentication plugins as a model. Discourse requires an email address, so you will need to provide something like username@mail.invalid to Discourse. I’m not entirely sure that works, but I recently saw someone post that they were doing that, so perhaps it does.

discourse.org mostly develops things for their enterprise users. If you have a budget for development, you can post in #marketplace .