将话语SSO与现有的Rails网站结合起来 [英] Incorporating Discourse SSO with Existing Rails Site with Devise

问题描述

我有一个现有的rails应用程序正在使用devise作为用户身份验证。我添加了一个话语论坛，一切顺利，它位于一个子域。我已在 https://meta.discourse.org/t/阅读了这篇文章官方单点登录话题/ 13045 ，但是一旦用户登录到现有的rails站点，仍然不知道该怎么处理事情的一面。目前这个过程是我理解的：

Step1：用户点击子域上的话语论坛。用户需要登录才能点击登录按钮。

Step2：用户被发送到现有的rails站点上的登录页面。

步骤3：用户登录rails站点。

Step4：用户应该被重定向到话语论坛的子域名登录。

我的问题是 - 我该怎么办需要做的是让用户在步骤3登录后才能重定向到子域？有没有人成功实施这个？我在该演练页面上看到这段代码片段：

  class DiscourseSsoController< ApplicationController 
 def sso 
 secret =MY_SECRET_STRING
 sso = SingleSignOn.parse（request.query_string，secret）
 sso.email =user@email.com
 sso.name =Bill Hicks
 sso.username =bill@hicks.com
 sso.external_id =123＃应用程序唯一
 sso.sso_secret = secret 
 
 redirect_to sso.to_url（http：//l.discourse/session/sso_login）
 end 
 end 
  

这是我现在需要添加的rails应用程序吗？我猜测解析是否这个信息是在url，如果是这样，它会重定向一旦完成设计登录过程，如果不是它只是像往常一样的功能。我会把这个代码放在devise文件的某个地方吗？

解决方案

这很简单。接下来是根据 https://meta.discourse.org/t/的说明官方单点登录/ 13045 ，并推断一点，我有这个工作：

1）把参考实现 - < a href =https://github.com/discourse/discourse/blob/master/lib/single_sign_on.rb> https://github.com/discourse/discourse/blob/master/lib/single_sign_on.rb - 在您的＃{Rails.root} / lib目录中

2）将此路由添加到routes.rb

  get'discourse / sso'=> 'discourse_sso＃sso'
  

3）把这个控制器放在你的app / controllers目录下

  require'single_sign_on'
 
 class DiscourseSsoController< ApplicationController 
 before_action：authenticate_user！ ＃确保用户必须登录
 
 def sso 
 secret =MY_SECRET_STRING
 sso = SingleSignOn.parse（request.query_string，secret）
 sso.email = current_user。电子邮件＃from devise 
 sso.name = current_user.full_name＃这是User类上的自定义方法
 sso.username = current_user.email＃from devise 
 sso.external_id = current_user.id ＃from devise 
 sso.sso_secret = secret 
 
 redirect_to sso.to_url（http：// your_discource_server / session / sso_login）
 end 
 end 
  

4）在话语中设置SSO配置以具有以下

  sso url：http：// your_rails_server / discourse / sso 
 sso secret：你设置为MY_SECRET_STRING以上
  / pre> 
 
 
 5）禁用话语中的其他登录类型。
 
 
 
 6）尝试登录话语。它应该工作... 
 
I have an existing rails app that is using devise as it's user authentication. I added a discourse forum and everything went smoothly and it resides on a subdomain. I have read the post at https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045 but still don't know what to do with the devise side of things once the user logs in on the existing rails site. Currently this is the process as I understand it:

Step1: User hits Discourse forum on subdomain. User needs to login so clicks login button. 

Step2: User is sent to the login page on the existing rails site. 

Step3: User logs in on rails site. 

Step4: User should be redirected to discourse forum subdomain logged in. 

My question is - What do I need to to do to make it so that when a user logs in on step 3 they get redirected back to the subdomain? Has anyone successfully implemented this? I saw this code snippet on that walkthrough page: 
  class DiscourseSsoController < ApplicationController
  def sso
    secret = "MY_SECRET_STRING"
    sso = SingleSignOn.parse(request.query_string, secret)
    sso.email = "user@email.com"
    sso.name = "Bill Hicks"
    sso.username = "bill@hicks.com"
    sso.external_id = "123" # unique to your application
    sso.sso_secret = secret

    redirect_to sso.to_url("http://l.discourse/session/sso_login")
  end
end
Is this what I would need to add in my existing rails app? I'm guessing the parse checks if that information is in the url and if so it redirects once it finishes the devise login process, and if not it just functions as usual. Would I place this code somewhere in the devise files? 
解决方案
This is pretty straightforward. Following on from the instructions at https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045  and extrapolating a little, I have this working:

1) Put the reference implementation - https://github.com/discourse/discourse/blob/master/lib/single_sign_on.rb - in your #{Rails.root}/lib directory 

2) Add this route to routes.rb
get 'discourse/sso' => 'discourse_sso#sso'
3) Put this controller in your app/controllers directory
require 'single_sign_on'

class DiscourseSsoController < ApplicationController
  before_action :authenticate_user! # ensures user must login

  def sso
    secret = "MY_SECRET_STRING"
    sso = SingleSignOn.parse(request.query_string, secret)
    sso.email = current_user.email # from devise
    sso.name = current_user.full_name # this is a custom method on the User class
    sso.username = current_user.email # from devise
    sso.external_id = current_user.id # from devise
    sso.sso_secret = secret

    redirect_to sso.to_url("http://your_discource_server/session/sso_login")
  end
end
4) Set up the SSO config in discourse to have the following
sso url: http://your_rails_server/discourse/sso
sso secret : what you set as MY_SECRET_STRING above
5) Disable other login types in discourse.

6) Try to login in discourse. It should work...

                        
这篇关于将话语SSO与现有的Rails网站结合起来的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！