wordpressauthenticationdisqus

Disqus login on Wordpress

I have a problem about disqus login: When signed in the user needs to sign in Disqus again to leave a comment. A much user experience would be if the user only has to sign in once.

I read the document on https://help.disqus.com/customer/portal/articles/1104796-single-sign-on and follow it. Then i login on my site by wp-login, but disqus ask me login for comment: Login Disqus

I must to login twice to leave comment :(

How do users need only log in once?

Thanks.

Solution

  • Finally i found the solution for this question. And Step by step for anybody need that:

    1. First, you need contact to Disqus's support team to enable SSO on your account by this form https://disqus.com/support/?article=contact_SSO.
    2. After SSO enable, you need to set up your SSO domain at https://disqus.com/api/sso/ and https://disqus.com/api/applications/ (You can read document in https://help.disqus.com/customer/portal/articles/236206-integrating-single-sign-on)SSO enable
    3. Paste this code in your theme 

    <?php
define('DISQUS_SECRET_KEY', '<insert secret key here>');
define('DISQUS_PUBLIC_KEY', '<insert public key here>');
$user = wp_get_current_user();
$data = array(
        "id" => $user->data->ID,
        "username" => $user->data->user_login,
        "email" => $user->data->user_email
    );
 
function sb_dsq_hmacsha1($data, $key) {
    $blocksize=64;
    $hashfunc='sha1';
    if (strlen($key)>$blocksize)
        $key=pack('H*', $hashfunc($key));
    $key=str_pad($key,$blocksize,chr(0x00));
    $ipad=str_repeat(chr(0x36),$blocksize);
    $opad=str_repeat(chr(0x5c),$blocksize);
    $hmac = pack(
                'H*',$hashfunc(
                    ($key^$opad).pack(
                        'H*',$hashfunc(
                            ($key^$ipad).$data
                        )
                    )
                )
            );
    return bin2hex($hmac);
}
 
$message = base64_encode(json_encode($data));
$timestamp = time();
?>
<script>
    /**
     *  RECOMMENDED CONFIGURATION VARIABLES: EDIT AND UNCOMMENT THE SECTION BELOW TO INSERT DYNAMIC VALUES FROM YOUR PLATFORM OR CMS.
     *  LEARN WHY DEFINING THESE VARIABLES IS IMPORTANT: https://disqus.com/admin/universalcode/#configuration-variables
     */
    
    var disqus_config = function () {
        this.page.url = '<?php the_permalink(); ?>';
        this.page.identifier = '<?php echo get_the_ID();?>';
        this.page.title = '<?php echo get_the_title(); ?>';
        this.page.remote_auth_s3 = "<?php echo sprintf('%s %s %s', $message, sb_dsq_hmacsha1($message . ' ' . $timestamp, DISQUS_SECRET_KEY), $timestamp) ?>";
    	this.page.api_key = "<?php echo DISQUS_PUBLIC_KEY; ?>";
    };
    
    (function () {

		var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true;

		dsq.src = '//{insert your forum here}.disqus.com/embed.js';

		(document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);

		})();
</script>

    1. Run your site and see disqus config render: enter image description here Copy remote_auth_s3 and paste into https://disqus.com/api/sso/ to check the result.

    Done.