I have contacted the author of Google apps login and got more information about the error with a solution if Brute Protect team is interested in implementing to make their plugin friendlier with other login plugins.
“
Your version 2.0.9 introduced a conflict with some other login-based plugins (e.g. Google Apps Login) which used to work fine alongside previous versions of your plugin.
We believe the conflict was due to your change from using the “wp_authenticate” hook to using “authenticate”. The newer hook should either return a WP_User or WP_Error object, but you return neither.
It seems reasonable to stop execution completely when the IP is blocked (and therefore stop the brute_check_preauth function without returning anything) – although you might want to consider returning a WP_Error object in that case. However, in ‘successful’ cases where the IP is not blocked, please could you return the $user object? This would play better with WordPress’ intentions for the authenticate hook, and hopefully resolve conflicts with other plugins.
i.e. add “return $user;” as a final line in the brute_check_preauth function of bruteprotect.php.
”
@jay S it seems you are right. Adding a line with
return $user;
to the end of function brute_check_preauth() in bruteprotect.php will make Google Apps Login start working again.
@BruteProtect does this break your protection in any way? If not, could this be added please?
+1 to this issue and the workaround supplied by @jay S. Would love to see a formal solution offered by the BP folks.
Hello, I’m not one of the developers, but I’ve pointed out this thread to those who are. I can’t make any promises, but I’ll at least try to get a better response. Thanks!
Thanks would be great if one of the developers looked into it.
Hi Jay– thanks for your investigation into this– I don’t see any potential issues raised by your fix, so I’ve gone ahead and pushed it up as BP 2.3.3 (with props to you!)
Please let us know if you have any further issues!
Best,
Sam
Hi Sam,
Thanks for pushing out this update. WP.org is still showing 2.3.2 as the latest version despite @jay’s fix being implemented in the code because it looks like you forgot to update the version number in bruteprotect.php when committing it to the repository. Can you check that out when you get a moment? Thanks!
Whoops– updated, now with correct version numbers!
