将 Discourse SSO 与现有的 Rails 站点与 Devise 结合 [英] Incorporating Discourse SSO with Existing Rails Site with Devise

问题描述

我有一个现有的 rails 应用程序，它正在使用设计作为用户身份验证.我添加了一个话语论坛，一切都进行得很顺利，它驻留在一个子域中.我已阅读 https://meta.discourse.org/t/上的帖子official-single-sign-on-for-discourse/13045 但仍然不知道一旦用户登录到现有的 rails 站点后如何处理设计方面的事情.目前这是我理解的过程:

I have an existing rails app that is using devise as it's user authentication. I added a discourse forum and everything went smoothly and it resides on a subdomain. I have read the post at https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045 but still don't know what to do with the devise side of things once the user logs in on the existing rails site. Currently this is the process as I understand it:

步骤 1:用户点击子域上的 Discourse 论坛.用户需要登录，所以点击登录按钮.

Step1: User hits Discourse forum on subdomain. User needs to login so clicks login button.

Step2:用户被发送到现有 Rails 站点上的登录页面.

Step2: User is sent to the login page on the existing rails site.

步骤 3:用户登录 rails 站点.

Step3: User logs in on rails site.

Step4:用户应该被重定向到登录的discourse论坛子域.

Step4: User should be redirected to discourse forum subdomain logged in.

我的问题是 - 我需要做什么才能使用户在第 3 步登录时被重定向回子域?有没有人成功实施过这个?我在该演练页面上看到了此代码片段:

My question is - What do I need to to do to make it so that when a user logs in on step 3 they get redirected back to the subdomain? Has anyone successfully implemented this? I saw this code snippet on that walkthrough page:

  class DiscourseSsoController < ApplicationController
  def sso
    secret = "MY_SECRET_STRING"
    sso = SingleSignOn.parse(request.query_string, secret)
    sso.email = "user@email.com"
    sso.name = "Bill Hicks"
    sso.username = "bill@hicks.com"
    sso.external_id = "123" # unique to your application
    sso.sso_secret = secret

    redirect_to sso.to_url("http://l.discourse/session/sso_login")
  end
end

这是我需要在我现有的 rails 应用程序中添加的内容吗?我猜解析会检查该信息是否在 url 中，如果是，它会在完成设计登录过程后重定向，如果不是，则它会像往常一样运行.我会将此代码放在设计文件中的某个位置吗?

Is this what I would need to add in my existing rails app? I'm guessing the parse checks if that information is in the url and if so it redirects once it finishes the devise login process, and if not it just functions as usual. Would I place this code somewhere in the devise files?

推荐答案

这非常简单.按照 https://meta.discourse.org/t/上的说明进行操作官方单点登录 for-discourse/13045 并稍微推断一下，我有这个工作:

This is pretty straightforward. Following on from the instructions at https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045 and extrapolating a little, I have this working:

1) 放参考实现——https://github.com/discourse/discourse/blob/master/lib/single_sign_on.rb - 在你的 #{Rails.root}/lib 目录中

1) Put the reference implementation - https://github.com/discourse/discourse/blob/master/lib/single_sign_on.rb - in your #{Rails.root}/lib directory

2) 将此路由添加到 routes.rb

2) Add this route to routes.rb

get 'discourse/sso' => 'discourse_sso#sso'

3) 将此控制器放在您的 app/controllers 目录中

3) Put this controller in your app/controllers directory

require 'single_sign_on'

class DiscourseSsoController < ApplicationController
  before_action :authenticate_user! # ensures user must login

  def sso
    secret = "MY_SECRET_STRING"
    sso = SingleSignOn.parse(request.query_string, secret)
    sso.email = current_user.email # from devise
    sso.name = current_user.full_name # this is a custom method on the User class
    sso.username = current_user.email # from devise
    sso.external_id = current_user.id # from devise
    sso.sso_secret = secret

    redirect_to sso.to_url("http://your_discource_server/session/sso_login")
  end
end

4) 在 discourse 中设置 SSO 配置以具有以下内容

4) Set up the SSO config in discourse to have the following

sso url: http://your_rails_server/discourse/sso
sso secret : what you set as MY_SECRET_STRING above

5) 禁用话语中的其他登录类型.

5) Disable other login types in discourse.

6) 尝试在话语中登录.它应该工作...

6) Try to login in discourse. It should work...

这篇关于将 Discourse SSO 与现有的 Rails 站点与 Devise 结合的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！