Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

login with Twitter and/or GitHub credentials #2382

Open
stargazer33 opened this issue Jun 28, 2019 · 10 comments

Comments

Projects
None yet
4 participants
@stargazer33
Copy link

commented Jun 28, 2019

Do you want to request a feature or report a bug?

Feature

Intended outcome:

I would like to be able to login with Twitter and/or GitHub credentials (for community of developers login with GitHub credentials is great).

Implementation hints: There might be different ways to implement it:

  1. Add Twitter and GitHub authentication to coralproject

  2. Use kind of Custom SSO Token Integration with... Google Firebase SDK: see:
    https://firebase.google.com/docs/auth
    https://github.com/firebase/firebaseui-web
    (the second link is a working example of Firebase authentication)
    Google Firebase SDK already supports login with Google, Facebook, Twitter, GitHub
    (and FirebaseUI-Web shows the "Microsoft" button).

Many projects already use Firebase SDK.
So some kind of integration would be great.

It may be that existing Coralproject functionality described here https://docs.coralproject.net/talk/integrating/authentication/
is enough and what is missing -- an EXAMPLE showing how to use FirebaseUI-Web together with Coralproject. (I believe this is not that simple)

Actual outcome:

As far as I understand -- at the moment you can not login with Twitter or GitHub credentials
(only with Google and Facebook)

Thanks in advance
Dmitri Geller

@kgardnr

This comment has been minimized.

Copy link
Member

commented Jun 28, 2019

Hi Dmitri (@stargazer33)! Great to be in touch and thank you for suggesting this feature. Where are you currently using Talk? Or if you're not using it currently, where do you plan to?

@stargazer33

This comment has been minimized.

Copy link
Author

commented Jun 28, 2019

Hi Kim,
I would like to use Talk to add comments to job ads listed on remote4me.com
For example here: https://remote4me.com/remote-frontend-jobs

The site audience -- developers -- they all have Github accounts... so it make sense to give them Github login. Twitter also make sense

UPDATE:
Prio N1: Github login
Prio N2: Twitter login (could be added later)

@stargazer33

This comment has been minimized.

Copy link
Author

commented Jul 2, 2019

Hi Kim (@kgardnr) what do you think?
I need this Github login.
If you/Coral developers guide me a bit -- may be I will build something working or create a PR or a working example (again a PR?)

@kgardnr

This comment has been minimized.

Copy link
Member

commented Jul 2, 2019

Hey Dmitri! In this case, we'd highly advise to create your own auth plugin and use SSO with Firebase. You can follow the Auth Docs you linked to above, and also use our SSO plugin recipe, which can act as a template: https://github.com/coralproject/talk-recipes/tree/master/plugins/custom-auth

If you'd rather create 2 social login plugins separately, one for Github and one for Twitter, you can use our Facebook auth plugin as a template: https://github.com/coralproject/talk/tree/master/plugins/talk-plugin-facebook-auth

@kgardnr kgardnr added question and removed feature idea labels Jul 2, 2019

@stargazer33

This comment has been minimized.

Copy link
Author

commented Jul 2, 2019

Kim, I looked into it... OMG... looks like a task for a good JS developer, and I'm more backend developer

@kgardnr

This comment has been minimized.

Copy link
Member

commented Jul 2, 2019

You're only a backend developer until you write your first line of JS, as they say ;) A lot of folks who are limited in their JS experience or even dev experience have been able to build plugins, and we have some tutorials in our docs. That's all to say, it might be worth trying!

@tucson-tom

This comment has been minimized.

Copy link

commented Jul 3, 2019

I'm with @stargazer33 on this simple observation: Coral looks "pretty" but is a complete mess from a design and engineering backend perspective. Its backend is a disaster (i.e. requiring Docker is always wrong), the documentation for actually customizing it is basically non-existent, and the example for "custom" SSO shows how to do JWT but is meaningless since it lacks demonstrating true custom and enterprise SSO integrations.

This is my second attempt to foray into this software and it is still a giant wreck. If you want people to deploy software like this across disparate environments, it needs to be braindead simple to deploy, modify, and vet. This project is most definitely none of those. I've written multiple 20,000+ line applications (with actual SSO!) without any difficulty but this comparatively tiny project just hurts my head to look at. I'd roll my own similar solution in just a few days' time if there weren't orders from on high to use this very specific project and only this project. It'll take me far longer to figure out how to get SSO working than it would take me to roll my own solution from scratch.

@kgardnr

This comment has been minimized.

Copy link
Member

commented Jul 3, 2019

Hey @tucson-tom, thank you for the feedback and being so frank, we're always open to other developers' opinions - especially those with your experience.

There's a couple different options we can offer you if you're stuck. First off, we're more than happy to host Coral for you; if you're interested, you can fill out this form for a quote: https://airtable.com/shrL2EtHR1zvJv4gw.

Secondly, we'd be happy to sit down with you and your team and see how we might be able to help you get Coral up and running on your own. You can reach us at support at coralproject dot net for more guidance there.

Otherwise, it is open source with nearly 100 other contributors - we'd be happy to consider any additions you'd like to contribute.

Let us know how we can best help, and thanks again!

@stargazer33

This comment has been minimized.

Copy link
Author

commented Jul 3, 2019

I'd roll my own similar solution in just a few days' time if there weren't orders from on high to use this very specific project and only this project. It'll take me far longer to figure out how to get SSO working than it would take me to roll my own solution from scratch.

Hi @tucson-tom,
well, I only can judge about Java code and Coral is not Java.
And I see two things:

  • (almost) all required functionality is there (OK, no logins with other social networks)
  • there are tests

In case the test coverage is good... than... a well known approach can be applied: REFACTOR IT, step by step! Rely on tests... add more tests if necessary... REFACTOR AGAIN ))) And so on.

My experience shows that often this brings better results than the frontal attack
"argh... I'm rewriting this bloody thing from scratch! during this weekend!"

Well, and actually I what I wanted -- the above mentioned social logins for Coral...

@leeeandroo

This comment has been minimized.

Copy link
Contributor

commented Jul 3, 2019

Hi @stargazer33 ,

If you just need one more auth provider, like facebook, you can use the talk-plugin-facebook-auth as base and create your own. In the plugin itself, It's not a lot of code to read and understand... The most hard think, the strategy, you can use an external lib like Facebook does (see here.

There are a lot of strategies here: http://www.passportjs.org/packages/

You can use this for Github and follow the docs to help you to adapt the talk-plugin-facebook-auth.

passport.use(new GitHubStrategy({
    clientID: GITHUB_CLIENT_ID,
    clientSecret: GITHUB_CLIENT_SECRET,
    callbackURL: "http://127.0.0.1:3000/auth/github/callback"
  },
  function(accessToken, refreshToken, profile, cb) {
    User.findOrCreate({ githubId: profile.id }, function (err, user) {
      return cb(err, user);
    });
  }
));

:)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.