|
@@ -4,8 +4,29 @@ Drupal SSO
|
|
|
The Drupal SSO package provides transparent authentication integration with a Drupal instance.
|
|
|
|
|
|
|
|
|
-What does this mean ?
|
|
|
----------------------
|
|
|
+Usage
|
|
|
+-----
|
|
|
+
|
|
|
+* Add the package to the application: `meteor add fgm:drupal-sso`
|
|
|
+* Add and enable the Meteor module to your Drupal server
|
|
|
+ * Obtain an application token from the module for your Meteor app
|
|
|
+* Configure a `drupal-sso` section in your `settings.json`, like:
|
|
|
+
|
|
|
+ {
|
|
|
+ 'drupal-sso': {
|
|
|
+ "site": "http://example.com",
|
|
|
+ "appToken": "the application token you got from the Meteor module"
|
|
|
+ }
|
|
|
+ }
|
|
|
+* In the app startup, initialize a SSO instance: `SSO = new DrupalSSO();`
|
|
|
+* Once this is done, your application can use the SSO methods, passive and reactive data sources:
|
|
|
+ * Reactive: `userId()`, `userName()`, `userRoles()`
|
|
|
+ * Passive: `state.sessionName`, `state.anonymousName`, `state.online`
|
|
|
+* You may delay until initialization by the Drupal server has completed by waiting on `SSO.state.online` until it is no longer `undefined`.
|
|
|
+
|
|
|
+
|
|
|
+What exactly does this provide ?
|
|
|
+--------------------------------
|
|
|
|
|
|
Unlike Meteor, Drupal relies by default on cookie-based authentication. This
|
|
|
package makes use of the Drupal session cookie to authenticate the user with the
|
|
@@ -14,19 +35,19 @@ Drupal instance having created the cookie.
|
|
|
It enables adding Meteor pages to a Drupal site without having to care for authentication, which
|
|
|
is carried over from Drupal for each logged-in user.
|
|
|
|
|
|
+
|
|
|
Pros and cons
|
|
|
-------------
|
|
|
|
|
|
* Pros
|
|
|
- * Unlike OAuth-based users Meteor packages, users never see any authentication
|
|
|
- request from the backend Drupal instance
|
|
|
+ * Unlike OAuth-based users Meteor packages, users never see any authentication request from the backend Drupal instance, making the whole process transparent
|
|
|
* The user experience is seamless authentication-wise: users can link from a Drupal page to a Meteor page and vice-versa and their credentials track them
|
|
|
+ * Logging out of Drupal automatically logs the user out of Meteor too
|
|
|
* The Drupal instance authorizes the Meteor applications in advance
|
|
|
* A Drupal instance can authorize multiple Meteor applications
|
|
|
* Supports Drupal 8 instances
|
|
|
* Cons
|
|
|
- * This is a one-off, _ad hoc_ mechanism, not a standards-based approach like
|
|
|
- OAuth
|
|
|
+ * This is a one-off, _ad hoc_ mechanism, not a standards-based approach like OAuth
|
|
|
* This package does not (currently) provide integration with the Meteor accounts API
|
|
|
* The authentication targets a single Drupal instance for a given application, preventing integration with multiple backends, as a NOC-type dashboard applciation might need
|
|
|
* Does not support Drupal 7, BackdropCMS, nor earlier Drupal versions
|