
How I broke a client's site without getting fired

submitted by
Style Pass
2024-02-13 01:30:05

It had to happen eventually, I suppose, but I broke a client site last week. It’s a private forum that uses WordPress as an SSO[1] server for Discourse. It also uses MemberPress to manage paid subscriptions. MemberPress, in turn, relies on Stripe to collect subscription fees. To explain how I broke the site and how I was able to recover, I’ll need to go into the details of the problem. Feel free to skip the next section if that doesn’t sound interesting.

When someone signs up for a subscription, they log into my client’s WordPress site, which uses MemberPress to communicate with Stripe. Stripe collects the subscription fee and assigns the user to a special group for subscribers on WordPress. When the user logs into Discourse, the WP Discourse plugin updates the user’s Discourse groups using code adapted from this answer. Critically, the user is added to a private group on Discourse that’s only available to subscribers.

It works well enough by default. Whenever a user logs into Discourse, their groups are updated by WP Discourse. If their subscription has expired, they are removed from the subscribers-only group. So just before someone goes to look at the paywalled content, the system verifies they have paid up for it.
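The login-time group sync described above, as an added example (not the author's code or the WP Discourse plugin's). It assumes the sync travels in the signed DiscourseConnect payload through its `add_groups` / `remove_groups` fields; the secret, group name, user fields and URL are constructed.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qs, urlencode

SECRET = b"constructed-shared-secret"   # constructed value, not from the page
SUBSCRIBER_GROUP = "subscribers"        # hypothetical Discourse group name

def sign(payload_b64: str) -> str:
    """Hex HMAC-SHA256 over the base64 payload, keyed with the shared secret."""
    return hmac.new(SECRET, payload_b64.encode(), hashlib.sha256).hexdigest()

def build_login_response(sso: str, sig: str, user: dict) -> dict:
    """Provider side: validate Discourse's request, answer with current group state."""
    if not hmac.compare_digest(sign(sso), sig):
        raise ValueError("bad signature on incoming sso payload")
    request = parse_qs(base64.b64decode(sso).decode())
    params = {
        "nonce": request["nonce"][0],   # echoed back so the response is tied to this login
        "external_id": user["id"],
        "email": user["email"],
        "username": user["username"],
    }
    # Membership is decided here, at login, from the subscription state.
    key = "add_groups" if user["subscription_active"] else "remove_groups"
    params[key] = SUBSCRIBER_GROUP
    payload = base64.b64encode(urlencode(params).encode()).decode()
    return {"sso": payload, "sig": sign(payload)}

def decode(resp: dict) -> dict:
    """Forum side: verify the signature before trusting any field."""
    if not hmac.compare_digest(sign(resp["sso"]), resp["sig"]):
        raise ValueError("bad signature on response")
    fields = parse_qs(base64.b64decode(resp["sso"]).decode())
    return {k: v[0] for k, v in fields.items()}

def demo_request(nonce: str) -> tuple:
    """Constructed stand-in for the request Discourse sends to the SSO provider."""
    raw = urlencode({"nonce": nonce,
                     "return_sso_url": "https://forum.example/session/sso_login"})
    b64 = base64.b64encode(raw.encode()).decode()
    return b64, sign(b64)
```

Because the group change rides on the login response, a lapsed subscriber stays in the group until their next login triggers a new payload.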
