I am currently trying to bring Auth0 authentication to my Discourse app. I essentially followed the workflow here and I get things running.
However, I am not quite happy with it for several reasons:
After clicking on sign in/up, there is only a button "with Auth0’. I want there Auth0 login/sign up panel the only thing that shows up after clicking sign in/up at the top of the Discourse page.
After authentication with Auth0, people should not have to create a new user, instead it should all be fine because of Auth0.
E-mail authentication should be or should have been handled via Auth0, not via Discourse.
If you already have logged in via Auth0 in that browser, possibly with the same app from Auth0, in another module of our platform, then you should be automatically logged in.
There should still be the possibility to login as the admin user, as this might turn out to be more challenging after implementing point no. 1.
Could you help me to setup everything or at least parts of it?
Some of the limitations you are describing are part of the Discourse platform, and Auth0 has no control over how Discourse handles the user after Auth0 issues a token. I’ll try my best to address each question.
Can you please share a screenshot of this? IIRC, your desired solution is exactly how our discourse instance works. Please let me know.
This is part of the Discourse framework. Additional information is required by Discourse and skipping this step would be a change that needs to happen in your Discourse instance.
Auth0 should be handling the email authentication (email/password login) if you have your Auth0 tenant set up to do so. Can you give an example of what you are seeing?
This is another factor that is controlled by the Discourse app. The discourse app would need to make a silent request whenever any user visits the site and attempt a login. It is generally possible with Auth0 (see silent authentication) but would have to be initiated by the discourse application.
Can you please share more details on this? We have discourse admin users that log in through Auth0 without any issue.