从 Rails 单点登录 Wordpress [英] Single Sign On Wordpress from Rails

问题描述

我有一个 Rails 应用程序和一个 Wordpress 站点.Rails 数据库中的所有用户.现在我想提供从 Rails 应用程序到 wordpress 的 SSO.

I have a Rails App and a Wordpress site. All users in Rails database. Now I want to provide SSO from Rails app to wordpress.

我发现了一些 tuts，但其中大多数都提供了从 Wordpress 到 Rails 的 SSO.

I found some tuts but most of them are providing SSO from Wordpress to Rails.

你有解决这个任务的想法吗?

Do you have some ideas to solve this task?

谢谢.

推荐答案

你对这个问题有点含糊，所以我会尽我所能.

you are a bit vague on the question so I would do the best that I can.

首先你应该添加 devise/omniauth gems 到 Gemfile

first you should add devise / omniauth gems to the Gemfile

gem 'devise'
gem 'omniauth'
gem 'omniauth-wordpress-oauth2-plugin', github: 'jwickard/omniauth-wordpress-oauth2-plugin' 

为您的 wordpress 站点安装 Oauth2 提供程序插件:

Install Oauth2 provider plugin for your wordpress site:

https://github.com/jwickard/wordpress-oauth

为您的 rails 应用程序创建客户端条目，并将回调键设置为:http://example.com/users/auth/wordpress_oauth2/callback

Create client entry for your rails app with the callback key set to: http://example.com/users/auth/wordpress_oauth2/callback

那么你必须配置 Devise/Omniauth

then you have to Configure Devise / Omniauth

#config/initializers/devise.rb
config.omniauth :wordpress_oauth2, ENV['APP_ID'], ENV['APP_SECRET'],
              strategy_class: OmniAuth::Strategies::WordpressOauth2Plugin,

client_options: { site: 'http://yourcustomwordpress.com' }

client_options: { site: 'http://yourcustomwordpress.com' }

现在你必须设置允许回调的路由

now you have to set up routes to allow callbacks

#config/routes.rb
devise_for :users, controllers: { omniauth_callbacks: 'omniauth_callbacks' }

创建回调控制器

#app/controllers/omniauth_callbacks_controller.rb
class OmniauthCallbacksController < ApplicationController

  def wordpress_oauth2
    #You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.find_for_wordpress_oauth2(request.env["omniauth.auth"], current_user)

    if @user.persisted?
      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Wordpress Oauth2"
      sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
    else
      session["devise.wordpress_oauth2_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

end

现在你必须确保用户模型是全能的

now you have to make sure that the user model is omniauthable

class User < ActiveRecord::Base
  devise :database_authenticatable, :registerable,
  :recoverable, :rememberable, :trackable, :validatable, :omniauthable
  ...

def self.find_for_wordpress_oauth2(oauth, signed_in_user=nil)

    #if the user was already signed in / but they navigated through the authorization with wordpress
    if signed_in_user

      #update / synch any information you want from the authentication service.
      if signed_in_user.email.nil? or signed_in_user.email.empty?
        signed_in_user.update_attributes(email: oauth['info']['email'])
      end

      return signed_in_user
    else
      #find user by id and provider.
      user = User.find_by_provider_and_uid(oauth['provider'], oauth['uid'])

      #if user isn't in our database yet, create it!
      if user.nil?
        user = User.create!(email: oauth['info']['email'], uid: oauth['uid'], provider: oauth['provider'],
                            nickname: oauth['extra']['user_login'], website: oauth['info']['urls']['Website'],
                            display_name: oauth['extra']['display_name'])
      end

      user
    end

end



end

希望能帮到你

这篇关于从 Rails 单点登录 Wordpress的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！