I’ve been playing around with the WP plugin and SSO this evening but it’s not as great as I’d hoped. I’m hoping I’m doing something wrong as there are a few things I’ve noticed which are less than ideal.
- When I log out of Discourse, it redirects me to Wordpress where I am still logged in
- If I log out of Wordpress, my Discourse account stays logged in until I click Log out.
- Human verification check appears to be ignored when accessing Wordpress login page from Discourse Login link. (However I’ve not investigated this and it may be an issue with my Wordpress setup)
- If I log in on Wordpress and click a link to Discourse, I still have to click the ‘Login’ button on Discourse to be logged in (unless I click a link with
session/ssoat the end, obviously). For me, Discourse should recognise I’m logged in automatically.
From my understanding the two should stay in sync. This doesn’t appear to be happening. Has anyone else encountered these issues?
This post appears to be talking about a similar thing, albeit it in a custom implementation of SSO, not the WP plugin. It’s my assumption that these issues would have been ironed out by now, but maybe not?