Currently, we are running 2 web pages based on WordPress, custom application built in JS (Hapi, Angular, Mongo), as well as self-hosted GitLab repository and hosting based on ISP Config. Currently, user which want to use more than 1 service is forced to create multiple accounts.
What would be the best approach to centralize it assuming that we want:
a user to use same credentials on each page
allow a user to log in using social login (Facebook, Google, Twitter) and still keep his single profile
centralize information about user services, usage and billing information (invoices)
We do not want overcomplicate the solution, therefore, we don't want to centralize access management and obtain them from centralized server, each page/service will maintain it's on it own (i.e. when user makes a purchase in on of the WP sites (woocommerce) wordpress itself will maintain order and we will write custom code to report sale to centralized system for billing purpose)
We are currently considering using LDAP or Kerberos, what would suit better?
Secondly - how to cover part regarding social login? I assume that we should still allow user register using OAuth2 and somehow synchronise the data between each service and centralized system. Is there another way?
Your desires [correct me if I'm wrong]:
You have two apps that are essentially separate things.
These apps can be served from a web page via HTTP, and either don't
have an auth system or need one revamped.
You want a centralized login system with social auth.
You have a single business entity.
You want a single, combined source of data for e-commerce.
You are essentially setting this up from scratch on the WordPress
backend side, there is no current mixed ecosystem of users.
My thoughts:
You DO NOT want LDAP or Kerberos. Those solutions are much too complex for this situation.
You want a SINGLE WordPress install. You can easily setup the backend to answer to multiple domains. In other words a single wordpress install can handle pages at "domain1.com" and "domain2.com" and render the pages with compleately different headers and text to make them APPEAR as two sites. There is no reason to maintain two separate lists of users, because you want a single system to login. Differentiate the users based on their business data, i.e. user1 has data "registered on SiteA", user2 had data "registered on SiteB" etc.
You can place your app into a WordPress page, then use is_user_logged_in() to firewall it behind WordPress. This is an industry standard method of auth and extremely secure if setup correctly. Or if it's a data api, you can place it as an endpoint and leverage the exact same auth system.
Any of the major social auth plugins that are popular in the free .org repo should work out the box with this method.
If you are going to associate blogging, that is, many "posts" about the products, and you want those blogs to be different ecosystems, with different sets of users, you are looking for WordPress Multi-Site. I don't think this is what you want. You don't sound like you are going to "blog". Or at least every page is going to be meticulously curated on these combined sites. So you're probably looking for just a single install to serve content to two domains. NOT MULTISITE.
You should use WooCommerce, simply because it is the most widely supported platform. Setup is 100% free.
You can easily serve pages that are branded totally differently, even in one install. For instance, one WordPress site can serve pages to two domains, and put different logos and headers on the top of the page to make them appear different. One physical machine can serve two domains.
Bottom line: You want a single WordPress setup on a single machine, serving two domains. The content and appearance on the domains can be different at will. Use any popular social auth plugins in the .org repo to firewall the apps.
Related
Disclaimer: I am below even a beginner level of coding/promgramming. I have created a wordpress website using the listingpro business directory THEME (includes a consumer login for customers). I also have a subdomain using the Dokan multivendor marketplace PLUGIN (includes a consumer login for customers).
Currently, my website visitors will create two separate logins by using my site: one for the main domain, the other for the subdomain.
I had to create it this way because I do not have the knowledge to create a combination directory and ecommerce marketplace, and could not find a pre-existing commercial option.
To make for a better user experience, I would like for my site users to be able to create one login that works for both domain and subdomain, linking them together somehow.
A truly beautiful possibility would be to completely merge the theme and the plugin functionalities, but even my beginner knowledge makes me think that is impossible or crazy expensive.
Is there any way to accomplish my desired task?
I am looking to start selling websites by being able to generate clean WP installations without having to worry about the server side.
I there a service that is optimal for this?
I want to easily be able to create clean WP installations and start workign on building websites for my customers maybe even create a woocommerce stores, I'm mostly concerned about finding a platform that allows me to easily manage this and in a way I can charge customers a predictable price and limit storage usage or traffic per site depending on serve capabilities.
Many hosting providers like hostgator, bluehost offer one click script installation option in their Cpanel. You just need to login and choose what script you want to install(wordpress, drupal ...etc)
My question is quite similar to this question. However my concerns are not fully answered there, so I am posting a separate question.
I will try to be as detailed as possible here.
I have to build a website (SAAS), say abc.com wherein registered users would get a subdomain on the website, like abc.com/def or pqr.abc.com.
Now some of those users might want to have their own domains in use. for eg. 123.com or xyz.com.
All of these websites need to have identical backend (dashboard). But most importantly a visitor should be able to type a search term on the main website (abc.com), and the search should contain results from ALL websites including the subdomains (abc.com/def or pqr.abc.com) and custom domains (xyz.com).
I am not versed with other frameworks, so I figured out that WordPress could be a good solution.
My approach was that every registered user would be assigned role of an author, with them being able to create/edit their own content. I would then add custom post type for the exact type of content they can add. I would then use dashboard customizing plugins (like Adminimize) to configure what admin menus can the editors see. THis way I would be able to define/force the fields they can use for adding content, and I can also restrict the custom taxonomoies and terms they can use. And also be able to search through the content created by any user.
The only issue here is to create domains for the users.
The I heard of domain mapping. So, is it possible that map domains like xyz.com to abc.com in such a way that whenever a user types 123.com (or xyz.com) in address-bar, they are served the content of abc.com, but still see 123.com (or xyz.com) in their address bar.
I believe this is called masked domain forwarding. I tried a bit of it, and succeeded partially in that whenever a visitor types 123.com (or xyz.com) in address-bar, they are served the content of abc.com, but still see 123.com (or xyz.com) in their address bar. The problem is that whenever users type 123.com/wp-admin/ then instead of getting to the login screen, they see blank screen.
Not sure if the setup is corret, or if it is even acievable using WordPress.
Another alternative could be using WordPress multisite. But it has limitations for my caase:
1. Search across all sites in network is going to be a very expensive operation
2. I would not be able to force identical terms of custom taxonomies across all sites. I can create the taxonmies and terms using code and put it in a plugin and network activate it. It would work for new terms. But when I decide to delete/edit a term, I will have to login to each site's dashboard to sync the terms.
So, is there a way with WordPress to achieve what i am trying to do :custom domain names and identical dashboards, that can be controlled/dictated by admin (me) , and the facility to search through all the sites/domains.
If not with WordPress, then is there any other framework with which I can do this?
I am developing a site in Wordpress that offers functionality and content to companies.
Each company will have hundreds of users. All users of all companies get the same content.
However, the main header changes (it needs to include the companies own logo). They also will have their own sub-domain, at least fo the login page, preferably for all pages.
The content will change regularly, so I would prefer having only one copy of that.
So the requirements are:
Same content for all users at same relative url
Different header based on group of current user
Different base url per group
forwarding of user to the correct base url if they login under a wrong one
What is the best way to implement this?
Straight WP with a sub-theme that deals with the header. Mod-rewrite to deal with the urls
WP-MultiSite (how would the same content under different base urls work here?)
Several copies of the site and somehow sync the content (how would I do the sync?)
Use a different CMS
Which of these is the most future proof way to go, assuming I might have to deal with thousands of companies each with hundreds to thousands of users.
Also, If there is an easier way because I missed something in my research like an existing plugin, that would be great too.
Thanks for your help.
I would say that such a thing depends on a lot more than these requirements. For instance, how granular would you like to have your user management? And how much are the users allowed to do on the different groups? Is unique information allowed on the different domains, or is all the information shared?
Based on the information you are providing, I think youy would be best off using the multisite version of wordpress. You then could use a broadcast plugin to share the information on all sites, and create a template site from which to create new sites (using the NS cloner plugin for instance).
There are of course some problems with this approach, for instance search engine optimisation. You will get a lot of duplicate content that will hurt the google ranking of the individual sites.
It would also be possible to do this using a single site install, but then you'll run into problems with the multiple domain structure. It can be done, but the available caching plugins will not support it (at least not that I know off), whereas a multisite environment is supported out of the box. It is also more difficult to keep users from posting on different domains, as they are using a single install. A multisite environment also has as shared user base, but they can be added or removed from the different sites at will.
Using a multisite environment would also allow you greater flexibility template-wise.
I use Drupal with CiviCRM for our nonprofit's public site and CRM database, and Open Atrium for the intranet. My goal is to either sync or share specific users from the public site to the intranet, to allow single sign-on.
However, only users who are part of a specific CiviCRM smart group (volunteers) should be shared/synced. I could use the module to sync CiviCRM groups with Drupal organic groups if that would make this task easier.
Any thoughts?
Usually, the Domain Access module is used for synching users and whatnot, but your requirement that only certain users be synched throws a wrench into that setup.
Therefore, I'd recommend that you either:
Sort through that module's documentation to see if it provides any hooks so that you can filter down the user list, and if not...
Just look at how that module does its heavy lifting and write a custom module to do the same but only with a limited set of users.
Actually, you can use Account Sync for this. (where only a sub-set of users is required.)
Just create a sync role and assign account sync permissions to that role only.
Use a server key to encrypt this as you would for XML-RPC.
http://drupal.org/project/account_sync
If Single Sign-On is your goal, Bakery provides single sign-on between multiple Drupal sites (including Drupal.org and other sites in the *.drupal.org network, something of a recommendation).
Worth checking out - while it does involve some additional setup / config, it doesn't mess with Drupal so much as some other options.
It does require that your sites are on the same base domain, and that they are on the same protocol (can't mix https://example.com with http://foo.example.com).
See Bakery documentation for further info.