3

I'm trying to build out the requirements for the Flarum SSO PHP plugin with CodeIgniter as the SSO provider, and I feel like I'm really close - but it just doesn't quite work. I can see that the credentials pass to Flarum on user login, but when navigating to Flarum the user is not logged in and the only cookie is flarum_session.

Here's my code; this is all on my local/test server, so the keys and tokens don't matter:

// Shield to Flarum integration
Events::on('login', function ($user) {
    $request = service('request');

    $password = $request->getPost('password');
    $remember = ($request->getPost('remember') === 'on') ? true : false;

    $flarum = new Flarum([
        'url' => 'http://flarum.home-nas',
        'root_domain' => 'home-nas',
        'api_key' => 'v5vxq5rrPVLgmddjZgYf4nngzeWyy3YfDB56rk5w',
        'password_token' => 'k%RG*sG?N!_F~x62{@CjhHtrpcamHyXsf=P%Uj43\Ze!\qU9G}|RsQPG{6K',
        'verify_ssl' => false,
        'remember' => $remember
    ]);

    /** 
     * Flarum usernames are not email addresses, and the SSO plugin complains with emails. 
     * If the username doesn't exist, we need to create a username from the email address, 
     * else grab it from the CodeIgniter user object
     */

    $usernameonly = substr($user->email, 0, strpos($user->email, "@"));
    $cleaned_up = preg_replace("/[^A-Za-z0-9]/", '', $usernameonly);

    $flarum_user = !empty($user->username) ? $flarum->user($user->username) : $flarum->user($cleaned_up);

    //User details
    $flarum_user->attributes->email = $user->email;
    $flarum_user->attributes->password = $password;
    //$flarum_user->attributes->is_email_confirmed = true; /* is_email_confirmed is undefined in intelephense */

    // Login the user with username
    $flarum_success = $flarum_user->login();
    if ($flarum_success) {
        log_message("notice", "flarum thinks it worked");
    } else {
        log_message("notice", "flarum thinks it failed.");
    }
});
James
  • 834
  • 7
  • 27
  • Just asking for clarification: Are you missing a cookie? If so, which one? Are you missing a login? If so, which one? – hakre Jul 15 '23 at 14:47
  • And perhaps stating the obvious, but the login you only do within the API layer, that is not the session of the user in the browser? Perhaps the API may provide the session id and you could set the cookie so that the browser can pick up that session? (I don't know if the Flarum API supports that as I don't know it, but could imagine it does somehow as it provides a login() method or you need to have Flarum a login provider that interacts with CodeIgniter) – hakre Jul 15 '23 at 20:49
  • @hakre, the `Flarum SSO PHP plugin` I mentioned is supposed to take care of creating the login cookie as `flarum_token`. The [Troubleshooting Guide](https://docs.maicol07.it/en/flarum-sso/plugins/php#troubleshooting) at step 2 indicates that I likely have something configured wrong, but I can't tell what. – James Jul 20 '23 at 15:16
  • @hakre for further clarity, the `Flarum SSO PHP plugin` uses the [delight-im/cookie](https://github.com/delight-im/PHP-Cookie) library to handle cookie generation. – James Jul 20 '23 at 20:29

0 Answers0