Keeping user deletion in sync with SSO


(Sridhar Katakam) #1

I am new to Discourse so please excuse me if I am missing something basic…

I’ve installed and set up the WP Discourse plugin with WordPress acting as SSO source.

I see that when a new user logs into the WordPress site, his/her user account automatically gets created in Discourse. So far so good.

Now when the user account is deleted in WordPress, it is still remaining in Discourse.

Is there any way to keep the users in sync (from WP -> Discourse)?

I tried ticking Discourse > Webhooks > Update userdata but that doesn’t seem to do anything.

Thanks in advance.


(Jay Pfaffman) #2

You don’t want to delete their accounts because their content has to be owned by someone. They can’t log in (you may need to do something to make sure that they get logged out when the account is deleted).


(Sridhar Katakam) #3

I am using Discourse as a members-only forum in conjunction with MemberPress plugin for WordPress.

The forum should be accessible to only those that are active members.

Is there a way to auto delete users (when deleted in WP) when they have no content at all in Discourse?


(Jay Pfaffman) #4

You don’t need to delete them. They won’t be able to log in. Wordpress won’t let them log in.


(Kane York) #5

What if someone changes their mind / gets to a healthier financial situation / etc and wants to come back to the forum? Their posts should all still be there and waiting for them.

Though, @pfaffman, you will need to disable emails & such. Suspending will probably work.


(Jay Pfaffman) #6

Right! Suspend is what needs to happen. There should be a way to suspend users when they are removed on WordPress. I’m pretty sure I’ve done that via the API before. I’d think that wp-discourse might do it, but you might need to add a hook to a theme.


(Simon Cossar) #7

Are you deleting the user account on WordPress, or is the user’s membership just being cancelled on MemberPress? If the account is being cancelled on Memberpress, there might be something in this topic that can help you: How to prevent some WP users from being able to login to Discourse.

After preventing the user from logging in, you might want to go to their preferences page on Discourse and change their email preferences so that they no longer receive emails from Discourse. Another approach would be to suspend them on Discourse. This could be done through the Discourse API, but it’s not something that the plugin handles at the moment.


(Leah Kramer) #8

I’m pretty sure you can use the API to mark someone in Discourse as inactive kinda like the pseudo-code below.

	if ( $wordpress_membership_status == 'inactive' )
		$url = $url_base.'admin/users/'.$discourse_userid.'/deactivate.json?'.$api_auth;
	else if ( $wordpress_membership_status == 'active' )
		$url = $url_base.'admin/users/'.$discourse_userid.'/activate.json?'.$api_auth;
	$ch=curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
	$response = curl_exec($ch);	

Disclaimer: There’s probably (usually) is a better way to do things than the way I do them! :smiley: But perhaps this is helpful.

We have code in place such as the above but I haven’t checked lately if it’s still working.