ah so I figured it out. Pretty much perfect. I’ll paste my code here so you wouldn’t need to reinvent the wheel.
First fill the settings in your discourse forum. It’s the very first part in the official guide.
Also make sure you have the npm package
meteor add meteorhacks:npm
packages.js
{
"discourse-sso": "1.0.3"
}
client/router.js
FlowRouter.route('/discourse_sso', {
name: "discourse_sso",
action: function(params) {
var sig = params.query.sig
var sso = params.query.sso
var userId = Meteor.userId()
Meteor.call("discourseSSO", userId, sso, sig, function(err, result) {
console.log("ROUTER DONE", err, result);
if (err || !result)
ReactLayout.render(DiscourseSSO, {error: err}); // renders error if needed
else {
window.location.replace("http://spice.toitla.com/session/sso_login?"+result)
}
})
}
});
server/discourseSSO.js
Meteor.methods({
discourseSSO:function(userId, payload, sig){
discourse_sso = Meteor.npmRequire('discourse-sso');
if (!userId)
throw new Meteor.Error(401, "Not logged in. Please log into Toitla before going to the forum.")
if (!payload || !sig)
throw new Meteor.Error(401, "Forum sent data incorrect: "+payload+" - "+sig)
check(userId, String);
check(payload, String);
check(sig, String);
var user = Meteor.users.findOne(userId)
if (!user.profile || !user.profile.name)
throw new Meteor.Error(401, "Please fill your profile before going to the forum.")
var sso = new discourse_sso(process.env.DISCOURSE_SSO_SECRET);
if (!sso.validate(payload, sig))
throw new Meteor.Error(401, "Payload and Sig do not match")
var userparams = {
// Required, will throw exception otherwise
"nonce": sso.getNonce(payload),
"external_id": user._id,
"email": user.getEmail(),
"username": user.profile.name.replace(/[^a-z0-9]+/gi, "_"),
"name": user.profile.name
}
return sso.buildLoginString(userparams);
}
});
Now when the user goes to the forum, she is automatically redirected to my meteor app where the login stuff happens and redirected back as a logged in user.