comses.net icon indicating copy to clipboard operation
comses.net copied to clipboard
verified publisher icon comses

sync django accounts with discourse

Open alee opened this issue 7 years ago • 6 comments

now that we are embedding the discourse username in posts we need a way to sync django user accounts and the discourse user accounts. Otherwise a job/event/codebase post by an author won't go through until they login via sso to the forums and create their discourse user

should do this via a signal (User.post_save) and also create a one-off management command that syncs all unsynced Django users (not sure if we need to identify that set or how)

Meta Discourse post on syncing sso:

https://meta.discourse.org/t/sync-sso-user-data-with-the-sync-sso-route/84398

https://meta.discourse.org/t/synchronizing-changes-for-sso-users/29270

alee avatar Apr 13 '18 22:04 alee

From https://meta.discourse.org/t/how-to-import-sso-users/25139/9

curl -X POST --data "name=dave&username=dave&[email protected]&password=P@ssword&active=true" http://localhost:3000/users?api_key=test_d7fd0429940&api_username=test_user

alee avatar Apr 17 '18 23:04 alee

the management command sync consistently times out (no route to host). Are there additional rate limiting settings that must be tweaked on the discourse instance?

alee avatar Apr 22 '18 16:04 alee

I only had to remove the IP registration limit and create an API key for the account sync to work. Making it more robust to network failure https://www.peterbe.com/plog/best-practice-with-retries-with-requests might help though

cpritcha avatar Apr 22 '18 16:04 cpritcha

Closing for now though I'm not able to run the management command

post_save hook and method to create discourse user added in 808f00f2635018e56b9a2a4522a4f5a5b3b4871a

alee avatar Apr 30 '18 21:04 alee

this is still occurring on some accounts but not all. May be a data issue where we just need to rerun the management command for a limited set of users?

alee avatar Oct 17 '18 23:10 alee

I think that create_discourse_user might not be doing what it's supposed to be doing.

It should probably be posting to the sync_sso route via https://forum.example.com/admin/users/sync_sso' as described in https://meta.discourse.org/t/sync-sso-user-data-with-the-sync-sso-route/84398

relevant sync_sso ruby code:

https://github.com/discourse/discourse/blob/master/app/controllers/admin/users_controller.rb#L425

we'll need to have access to the sso secret and an api key for this.

alee avatar Oct 17 '19 06:10 alee