Home Explore Help
Sign In
fgm
/
meteor__drupal-sso
1
0
Fork 0
Files Pull Requests 0
Tree: 6df6fa9719
Branches Tags
meteor__drupal-...
/
README.md

README.md 2.9 KB
History Raw

Drupal SSO

The Drupal SSO package provides transparent authentication integration with a Drupal instance.

Usage

  • Add the package to the application: meteor add fgm:drupal-sso
  • Add and enable the Meteor module to your Drupal server
    • Obtain an application token from the module for your Meteor app

  • Configure a drupal-sso section in your settings.json, like:

    {
'drupal-sso': {
  "site": "http://example.com",
  "appToken": "the application token you got from the Meteor module"
  }
}

  • In the app startup, initialize a SSO instance: SSO = new DrupalSSO();.

    • You probably want to do this in client/lib/init.js to be sure it happens as early as possible.

  • In your template helpers, expose that variable: Spacebars apparently cannot see variables, like this:

    Template.some_template_name.helpers({
   sso: function () {
     return SSO;
   },
});

  • Once this is done, your application can use the SSO methods, passive and reactive data sources:

    • Reactive: userId(), userName(), userRoles()
    • Passive: state.sessionName, state.anonymousName, state.online

  • You may delay until initialization by the Drupal server has completed by waiting on SSO.state.online until it is no longer undefined.

What exactly does this provide ?

Unlike Meteor, Drupal relies by default on cookie-based authentication. This package makes use of the Drupal session cookie to authenticate the user with the Drupal instance having created the cookie.

It enables adding Meteor pages to a Drupal site without having to care for authentication, which is carried over from Drupal for each logged-in user.

Pros and cons

  • Pros
    • Unlike OAuth-based users Meteor packages, users never see any authentication request from the backend Drupal instance, making the whole process transparent
    • The user experience is seamless authentication-wise: users can link from a Drupal page to a Meteor page and vice-versa and their credentials track them
    • Logging out of Drupal automatically logs the user out of Meteor too
    • The Drupal instance authorizes the Meteor applications in advance
    • A Drupal instance can authorize multiple Meteor applications
    • Supports Drupal 8 instances
  • Cons
    • This is a one-off, ad hoc mechanism, not a standards-based approach like OAuth
    • This package does not (currently) provide integration with the Meteor accounts API
    • The authentication targets a single Drupal instance for a given application, preventing integration with multiple backends, as a NOC-type dashboard applciation might need
    • Does not support Drupal 7, BackdropCMS, nor earlier Drupal versions
  • Double-edged
    • Login/logout is centralized on Drupal. This is good for Meteor pages as a complement to an existing site, not so much for more decoupled cases.