Has anyone on these boards successfully set up Commento so that it integrates with Ghost’s membership features? From the look of this, it shouldn’t be too hard, but I’ve never implemented anything like it, and it makes me a bit nervous:
While I can follow the pseudocode, I also know enough about coding to know that I’m in dangerous territory when I get to the "Security Checklist" at the bottom of the article:
Implementing SSO comes with added security responsibility on your end. Here’s a checklist of things to consider in order to securely integrate SSO:
- Your HMAC secret key is kept securely. If you lose this, anybody can impersonate requests from Commento and you will leak personal data.
- You’re verifying signatures before processing data.
- You’re using a well-audited crypto library for HMAC. Never roll out your own crypto.
- You’re using a timing safe comparison algorithm to compare the hashes and not a simple string comparison. This is done to prevent timing attacks.
- You’re authenticating your users properly before sending Commento a response payload. This includes email verification, two-factor authentication, access control lists, and so on.
- You’re redirecting to the HTTPS version of Commento at the end. Personal data is transmitted in this stage and using plain HTTP is grossly insecure.
Anyone have experience doing this—with a Ghost(Pro) account?