Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Programmatically trigger SSO #102

Open
Gardamuse opened this issue May 28, 2022 · 2 comments
Open

Programmatically trigger SSO #102

Gardamuse opened this issue May 28, 2022 · 2 comments

Comments

@Gardamuse
Copy link

Gardamuse commented May 28, 2022

How would one programmatically trigger SSO?

I have implemented Commento with SSO on my website. However, since users already have accounts on the website and can log in with their username/password (after which they are granted a JWT cookie), I would like to be able to automatically log users into Commento when they are logged in to the website (and ideally log them out of Commento when they log out of the website or are no longer logged in to the website).

Pull request #34 would be a step in the right direction, but not quite enough as users would not actually be logged in until they start to type a comment or press the Commento "Log In" button, after already signing into the website. They would also not be logged out of Commento when logging out from the website.

@Gardamuse
Copy link
Author

I realized that for my use case, it was probably best to just implement my own comment system. This since I already have a full frontend, backend, database and user authorization set up already, and I might be looking at doing some custom hijinks with user profiles as well.

It might even be that programmatic SSO as I was asking for is actually out-of-scope for Commento++, at least in the short term? I suppose comment plugins are more important for when you don't have your own user database.

@waschinski
Copy link

I am in the same boat as you and probably won't use Commento++ for the same reason. No direct login when using SSO is a no-go.

I actually like how FastComments (Saas) is handling that. It provides SSO user data right away with the normal configuration when loading comments. Haven't seen it implemented like that anywhere else.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants