This is a premium service, it cost $50/month, please email us if you're interested: 'upgrades -at- lefora.com'
How does it work?
A member of your website who is logged in, might click a link to view your forum. Assuming they then try to post or request to join the forum, they will be prompted to choose a lefora username (no email address or password is needed).
Your server and our servers will talk to each other to authenticate the user on the forum. We'll write a cookie to their computer, and then the user will be logged in. On subsequent visits, the user will automatically be logged into the forum.
If they log out of your site and try to post on the forum, we'll send them back to your website to login and authenticate.
Your server and our servers will talk to each other to authenticate the user on the forum. We'll write a cookie to their computer, and then the user will be logged in. On subsequent visits, the user will automatically be logged into the forum.
If they log out of your site and try to post on the forum, we'll send them back to your website to login and authenticate.
--------------------------------------------------------------
Technical Details
Scenario: Assume a user is logged into your website (i'll assume www.example.com for this example, your forum would be on your subdomain yourforum.example.com)
1. The user visits your forum for the first time and clicks to start a topic (at that point, we'll need to authenticate for the first time). We'll send the user to a URL on your site, say http://www.example.com/authenticate/?destination=<URL to return the user to on Lefora>
2. You'll pass the user back to lefora (to the destination argument) and include a ?tokenurl argument. The ?tokenurl will be a URL we can run a JSON dictionary querly against. The ?tokenurl should have a uniquetoken appended to the URL that only works once (for security concerns)
3. We'll make a JSON dictionary query and expect the following to return:
{
'userid': '...',
'email': '...',
'username': '...',
'name': '...'
}
'...' would be filled in by the values. Userid and email are required, username and name are optional (depending if you use usernames on your site) The userid mut be a unique identifier for the user.
4. Assuming you don't use usernames on your site, the user will have to pick a username for the first time on Lefora. On return visits this can happen in the background (info about auto-login in below). (Note on usernames, currently they must be unique across all of lefora, but soon we'll be allowing that a username is unique only within a single forum)
Example URL in Step 1: http://www.example.com/authenticate/?destination=http%3A%2F%2Fyourforum.example.com%2Fforum%2Fthread%2Fcreate%2F
Example URL in Step 2: http://yourforum.example.com/forum/thread/create/?tokenurl=http%3A%2F%2Fwww.example.com%2Fauthenticate%3Ftoken%abc123
Auto-login in on return visits - If you want the user to be automatically logged in on return visits, then you can set a cookie with the userid. The name of the cookie doesn't matter (just tell us what is is). It has to be set on the entire domain and not just a subdomain. For instance,
.example.com rather than www.example.com
--------------------------------------------------------------
Questions:
If you have any questions, as this thread is locked, please post them here:
http://support.lefora.com/2009/01/06/questions-on-lefora-third-party-authentication-api/
If you have any questions, as this thread is locked, please post them here:
http://support.lefora.com/2009/01/06/questions-on-lefora-third-party-authentication-api/
