The integration between MemNet and WordPress is provided by the MemNet SSO WordPress plugin. See the plugin documentation for a detailed guide to the usage of the plugin.
At a high level, this is how the plugin works:
- Creating a new login.
This shortcode instructs WordPress to display a form that accepts the member's member code, first name, last name, and optionally their postcode and preferred username, these details are then passed to MemNet. MemNet performs the following checks, returning an error for WordPress to display if any of them fail.
The checks are:
- All of the details supplied (except the preferred username) uniquely match a person within the MemNet database.
- The person belongs to a membership with a status that is allowed to log in, typically an Active status.
- The person belongs to a membership with a member type that is allowed to log in.
- The person has an email address recorded within MemNet (needed to allow a password to be set).
If all these tests are successful, the user account is created within WordPress by the plugin and a set password email is sent to the user from WordPress at the email address held within MemNet.
Notes:
- MemNet does not require a unique email address, but WordPress does. If someone tries to create a WordPress login and they have an email address in MemNet that already exists in WordPress, including admin users, the registration process will fail.
- In certain circumstances, WordPress users will be created directly from MemNet, Eg. when a new person record is created. This requires access to the WordPress REST API using JWT Auth, see the plugin documentation for more details.
- Member login.
This shortcode instructs WordPress to display a custom login form.
The MemNet SSO WordPress plugin uses the existing WordPress user store to store the members' usernames and passwords. Passwords are managed by WordPress. We suggest using a plugin to replace the default WordPress password reset screens, this will provide a more integrated password reset process.
When a user logs in using this login form and if the username and password entered are correct, a call is made to MemNet to check if the person is allowed to log in based on the rules set in MemNet (which are the same as when they registered). This check is based on the person's username, which must exist in MemNet.
If the call to MemNet is successful MemNet returns the member's details to WordPress which are saved to the WordPress user's profile and metadata, these are documented in the plugin documentation. The information passed to WordPress when someone logs in includes a list of "website roles", these can be implemented by your WordPress developer into a third party content restriction plugin or custom developments.
Following a successful login, a splash screen will appear for a short moment. During this time the Single Sign On process is happening between WordPress and MemNet. For anyone that is interested, this uses a technology called SAML 2.0.
Note WordPress allows a user to log in using either their username OR their email address. Regardless of what the user has logged in with, the username is what is used to make the check with MemNet and provides the link between the WordPress user and their MemNet profile. The WordPress username and the username recorded in MemNet MUST be identical.
- iframed content from MemNet
The plugin provides a wide selection of shortcodes (Listed in the plugin documentation) that are replaced by member self-service content from MemNet. This content is seamlessly embedded in an iframe on the WordPress page. The plugin includes code (JavaScript) that dynamically and automatically resizes the iframe as the content from MemNet changes height.
If someone tries to access an iframed page and they are not logged into WordPress, the plugin will automatically redirect them to the login screen. This is not desirable for "public" functionality such as new member forms, subscribe to email form, public member directories or public event booking forms, in these cases, adding public="true" to the shortcode will always display the iframed content from MemNet.
Note that each of these iframe shortcodes accepts a slug or the path part of the URL to a MemNet self-service page, any available MemNet self-service page can be displayed in this way
See also:
Comments
0 comments
Please sign in to leave a comment.