SSO isn't the solution to all our login related problems


(Leo McArdle) #1

Continuing the discussion from Is Discourse SSO the solution to all our login related problems?:

I no longer think so, at least, not by building our own SSO server. This is because, after a painful few hours of trial and error development, I present: https://github.com/LeoMcA/discourse-mozillians

This is essentially the mozillians integration which was in discourse-persona-mozillians integrated into all authentication systems. This means that we can enable as many auth systems as we want (e.g. Firefox Accounts, Webmaker ID, and Yahoo!) and no matter how a user logs in, they’ll still have their vouched status updated.

This resolves the first reason for using SSO, as for the second reason - giving us complete control over users’ usernames - again I expect we’ll be able to do this through a plugin, or through improving the SSO provider which is built into Discourse (allowing us to use one Discourse instance as an SSO server for all the others).


(Tanner Filip) #2

#3

Ooh! That fix is timely, we were just discussing wanting to turn on social
for the community Discourse, but Yousef pointed out it would break
Mozillians checking.