Search the Community
Showing results for tags 'Flarum'.
I try to integrate Flarum forum with PW via JSONAPI. First tests are fine (register user, create discussions, get data, ...). To get a valide token I send the username and password as a api call. If auth was successful I'll get the uid and a token back. This token have to be renewed after 30 minutes. To get the token I need username and (plain!) password. So how should I save the user credentials / handle the users? Just additional fields in the user profile username, password, token and uid as array (serialized + base64 encoded) Sync PW users with the remote app (hook PW auth and send a auth request via API call -> token returned = login OK) 1 and 2 would be flexible, but user credentials are saved as plain text! 3 is a secure solution (no plain credentials needed), but PW have to use a remote user backend / auth and maybe some things could be less flexible... Do you see any problems with that solution? Could it break features / modules?