Multiple Discourse sites on single WordPress with wp-discourse

I have a client that has a WordPress site that handles subscriptions and a forum that’s connected with wp-discourse. All’s well.

But now he wants to add additional Discourse sites that all authenticate against the single WordPress site. I tried copying the setup from the first Discourse site to the second one, but WordPress redirects to the first discourse site. I then though that maybe I could make the first Discourse site be a discourse_connect server to the second site, but that is still not working (it too just redirects to the first Discourse site and the second one doesn’t get logged in).

Is there some way to have a single wordpress site that provides authentication for multiple Discourse sites?

2 Likes

If you plan to use single sign-on for more than two platforms, then the most correct solution is to use keycloak.
This approach is good because we don’t have to think about a single sign-on server and a simpler sign-in via social networks (and not only).
You can add and remove any sites without losing the user.

The WP Discourse plugin isn’t setup to handle this, but it should be possible.

I’d start by adding a site URL parameter to the Discourse discourse_connect_url setting. On WordPress, use the site parameter to set the correct Discourse site to redirect to here:

You would probably also need to deal with the call to sync_sso that happens here: wp-discourse/lib/sso-provider/discourse-sso.php at main · discourse/wp-discourse · GitHub

I’m not certain about this, but you might need to add site to the allowed query vars in this function (so that WordPress doesn’t remove the parameter): wp-discourse/lib/sso-provider/discourse-sso.php at main · discourse/wp-discourse · GitHub

Ideally the above changes could be accomplished with action and filter hooks on WordPress. It looks like hooks would need to be added to the code for that.

I’m assuming that the spec for this doesn’t involve publishing posts from WordPress to multiple Discourse sites. If that’s the case, the required changes would be a little more involved.

I’ll let you know if I think of any other issues.

Edit: need to think about how the Discourse user id is used on WordPress to make sure there won’t be any conflicts between multiple sites - a single user on WordPress could potentially have accounts on multiple WordPress sites. They would have a different Discourse user id on each site.

Edit: the biggest issue I can see is if the “Create or Sync Discourse Users on Login” setting is enabled on the WordPress sites. It makes an API call to the Discourse sync_sso route. You’d need to have a way of knowing which Discourse site to sync or create the user on. You’d also need to have a Discourse API key for each site. This seems doable, but would add some complexity.

3 Likes

That sounds sort of possible. Yes, he doesn’t care about posting, just authentication and, I guess, pushing groups from woo commerce or similar.

I’m assuming this means adjusting a user’s group memberships on a particular Discourse site when they make a purchase on the WordPress site. That sounds doable, but would best be done with an API request to the sync_sso route. The WP Discourse plugin has functions that can be used for this, but they use the Discourse URL and API Key that’s set on the plugin’s options pages: wp-discourse/lib/utilities.php at main · discourse/wp-discourse · GitHub. Maybe the plugin could add filter hooks to those params so that they can be set conditionally.

3 Likes

We’re exploring a similar setup, so I’d be interested in a solution as well.

1 Like

I think that he hasn’t responded when I asked if he wanted to play for development (I suspect because he’s busy with other things).

If you’ve got a budget then that might help.

It’s still exploratory so I don’t have a budget as such. But I can provide some developer assistance and perhaps a little funding. If your client is willing to chip in too, then perhaps we can pool some funding together.

1 Like