developing an ajax login plugin and getting reauth=1
-
I’m developing a plugin for ajax login with modal popup.
On localhost it’s all working just fine I can go from frontend to backend without any issue.
However, when I login on the internet website everything is fine untill I navigate on the frontend but when I try to go to wordpress admin dashboard (or to any admin section) I get the wordpress login form again with the URL string ending with &reauth=1 and I have to login again.I’ve searched around the internet and the issue seems to be related to the auth_cookie but still haven’t found a solution.
You can try yourself with credentials: demo, demo
here’s the function I’ve written to login for ajax and no ajax case and how it’s called back.
function auth_user_login_no_ajax($action,$user_login,$password,$login) { //first clear all auth cookies //wp_clear_auth_cookie(); //if login is called by ajax call die the function if ( is_user_logged_in() && $action == 'ajaxlogin' ) { $output = json_encode(array( 'loggedin'=>true, 'message'=> $login.__(' successful, redirecting...','sw-ajax-login'), )); die($output); return; } //impostazione per redirect pagina $page_to_redirect = swal_page_to_redirect(); //get remember credentials option $swal_login_remember_credentials = intval(get_option('swal_login_remember_credentials',SWAL_LOGIN_REMEMBER_CREDENTIALS)); $info = array(); $info['user_login'] = $user_login; $info['user_password'] = $password; //check if it has to remember credentials if ($swal_login_remember_credentials == 0) { $info['remember'] = true; } else if ($swal_login_remember_credentials == 1) { $info['remember'] = false; } else if ($swal_login_remember_credentials == 2) { if (isset($_POST['rememberme'])) { if ($_POST['rememberme']) { $info['remember'] = true; } else { $info['remember'] = false; } } } $user_signon = wp_signon( $info, false ); if ( is_wp_error($user_signon) ){ $output = json_encode(array( 'loggedin'=>false, 'message'=> __('Wrong username or password.','sw-ajax-login') )); } else { wp_set_auth_cookie( $user_signon->ID, $info['remember'], false); wp_set_current_user($user_signon->ID); $output = json_encode(array( 'loggedin'=>true, 'message'=> $login.__(' successful, redirecting...','sw-ajax-login'), )); //if login arrive from no ajax request then redirect if ( $action == 'login' ) { wp_redirect( $page_to_redirect ); } } //if login is called by ajax call die the function if ( $action == 'ajaxlogin' ) { die($output); } else if ( $action == 'login' ) { $GLOBALS['sw_login_json'] = $output; } }When the function is called, i’ve shortened to make it more readable.
add_action( 'after_setup_theme', 'swal_auth_user_no_ajax' ); function swal_auth_user_no_ajax() { /** * Verify if the request arrive via POST */ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) { $action = $_POST['action']; /** * Login function */ if ( $action == 'ajaxlogin' || $action == 'login') { //if function is called from normal POST request check nonce in the regular way if ( $action == 'ajaxlogin' ) { // check the nonce in case of ajax request check_ajax_referer( 'ajax-login-nonce', 'security' ); } else if ( $action == 'login' ) { $nonce = $_POST['security']; if ( ! wp_verify_nonce( $nonce, 'ajax-login-nonce' ) ) { return; } } auth_user_login_no_ajax($action,$_POST['username'],$_POST['password'],'Login'); }Thanks
The page I need help with: [log in to see the link]
The topic ‘developing an ajax login plugin and getting reauth=1’ is closed to new replies.