Halaman utama Jelajahi Bantuan
Masuk
fgm
/
meteor__drupal-sso
1
0
Fork 0
Berkas Permintaan Tarik 0

The initial package which became accounts-drupal. Please use accounts-drupal instead. https://github.com/FGM/accounts-drupal

Pohon: 2632ba6feb
Ranting Tag
meteor__drupal-...
ZIP TAR.GZ
Frederic G. MARAND 2632ba6feb Pass SSO instance to template helpers. 10 tahun lalu
client 2632ba6feb Pass SSO instance to template helpers. 10 tahun lalu
lib 2632ba6feb Pass SSO instance to template helpers. 10 tahun lalu
server 79862964d0 First acceptable-looking part: SSO initialization. 10 tahun lalu
.jshintrc 79862964d0 First acceptable-looking part: SSO initialization. 10 tahun lalu
README.md 79862964d0 First acceptable-looking part: SSO initialization. 10 tahun lalu
drupal-sso-tests.js fc2b5526e3 First commit: package created from http://docs.meteor.com/#/full/writingpackages 10 tahun lalu
package.js 2632ba6feb Pass SSO instance to template helpers. 10 tahun lalu
sso.js 79862964d0 First acceptable-looking part: SSO initialization. 10 tahun lalu

README.md

Drupal SSO

The Drupal SSO package provides transparent authentication integration with a Drupal instance.

Usage

  • Add the package to the application: meteor add fgm:drupal-sso
  • Add and enable the Meteor module to your Drupal server
    • Obtain an application token from the module for your Meteor app

  • Configure a drupal-sso section in your settings.json, like:

    {
'drupal-sso': {
  "site": "http://example.com",
  "appToken": "the application token you got from the Meteor module"
  }
}

  • In the app startup, initialize a SSO instance: SSO = new DrupalSSO();

  • Once this is done, your application can use the SSO methods, passive and reactive data sources:

    • Reactive: userId(), userName(), userRoles()
    • Passive: state.sessionName, state.anonymousName, state.online

  • You may delay until initialization by the Drupal server has completed by waiting on SSO.state.online until it is no longer undefined.

What exactly does this provide ?

Unlike Meteor, Drupal relies by default on cookie-based authentication. This package makes use of the Drupal session cookie to authenticate the user with the Drupal instance having created the cookie.

It enables adding Meteor pages to a Drupal site without having to care for authentication, which is carried over from Drupal for each logged-in user.

Pros and cons

  • Pros
    • Unlike OAuth-based users Meteor packages, users never see any authentication request from the backend Drupal instance, making the whole process transparent
    • The user experience is seamless authentication-wise: users can link from a Drupal page to a Meteor page and vice-versa and their credentials track them
    • Logging out of Drupal automatically logs the user out of Meteor too
    • The Drupal instance authorizes the Meteor applications in advance
    • A Drupal instance can authorize multiple Meteor applications
    • Supports Drupal 8 instances
  • Cons
    • This is a one-off, ad hoc mechanism, not a standards-based approach like OAuth
    • This package does not (currently) provide integration with the Meteor accounts API
    • The authentication targets a single Drupal instance for a given application, preventing integration with multiple backends, as a NOC-type dashboard applciation might need
    • Does not support Drupal 7, BackdropCMS, nor earlier Drupal versions
  • Double-edged
    • Login/logout is centralized on Drupal. This is good for Meteor pages as a complement to an existing site, not so much for more decoupled cases.