SMF 2.1 RC3 / external auth /bridge

[pappenpapst]

I'm running SMF 2.1 RC3 and my "main" application inside a docker container.

Now I would like to separate each application inside a single container (one for SMF, one for my own application).

My application is handling the whole user registration / login / logout process.
Since the applications will now have their own container, they are separated, so including my modified version of SSI.php won't work anymore.

Are there any external auth plugins I can use / is there an API interface for SMF?
I would need to make sure the following functions are provided for my own application:

• register a new user
• login a user to SMF
• logout a user from SMF

Using the SSI.php as mentioned above isn't possible anymore, since there are many includes to SMF itself (my modified SSI.php):

Code Select Expand

function ssi_LoginUserById($userId)
{

global $txt, $scripturl, $user_info, $user_settings, $smcFunc;
global $cookiename, $maintenance, $modSettings, $context, $sourcedir;
require_once($sourcedir . '/LogInOut.php');

[Kindred]

at this time, I am unaware of any external auth designs

[pappenpapst]

at this time, I am unaware of any external auth designs

Is there a feature list where I can add this feature to?
Nearly any forum has such a functionality, but I'll stick to SMF and place the forum inside the main application container.

[Arantor]

It's not going to happen for 2.1; it's in RC so new features won't be added to it...

[pappenpapst]

Can someone show me the passage for this? Thinking about building an external bridge myself.
Is it hard to set all the login cookies / session values my own, so I can built an API to set this information?

Main intention is to separate my application into one container and SMF into another container.

[Kindred]

what do you mean "passage for this"?

If you're interested in doing something, other than the current developers, Arantor would possibly be the best person to suggest how to connect since that last bridge I worked with was back in the 1.0 and early 1.1 days....


unfortunately, the function database has not yet had 2.1 added to it...
this is 2.0.x
https://support.simplemachines.org/function_db/index.php?action=main

[Douglas]

Pulling a MAJOR thread necromancy here, but this needs to be revisited. I am now in this position where my forums are in a different docker container than the main site is, yet I still need to be able to access (and use) various SSI.php functions within the main site.

I'll be doing some digging into this over the next several days, but this is something that needs to be brought back up to the front burner again.

[Sesquipedalian]

You would need to write such a solution yourself or hire someone to do it for you. It would not be a trivial undertaking.

By isolating your software packages into separate containers, you've done just that: isolate them. To integrate them will require breaking out of that isolation one way or another. It probably wouldn't be impossible to figure out a way to do it, but figuring out a way to do it that worked consistently and securely would be difficult and complicated.

Basically, you need to ask yourself whether you want the software packages to be isolated or integrated. It's an either/or situation, because isolation and integration are opposites.

[live627]

I started writing boilerplate code ford a RESTful API integration some years ago https://github.com/live627/smf-api/tree/main

A Node JS script sends the request with JSON Web Token. If the requested endpoint requires authentication, it validates the JWT and uses an integration hook to let SMF know that this user is "logged in" just for the lifetime of that one request. I did the same in my test suite.

I think the only missing feature is rate limits. Oh, and of course a nice interface in the profile area to manage API tokens.

[Douglas]

Just a heads up that I'm subscribed to alerts and emails and didn't receive either of them about @Sesquipedalian and @live627 replying.

[Steve]

I'm not sure it goes out everyday. I don't get mine right away either.

[live627]

you use gmail?

[Douglas]

@live627 only for testing stuff. Wait... I'm almost betting I know what the issue is now (for email).

Nothing on alerts, though I did get an alert about you liking my post.

EDIT: Email issue was apparently caused by me, since it was tied into a domain I'm no longer running email services with. So that part might be addressed now.