Support » Plugin: Limit Login Attempts Reloaded » Email address login support

  • Hello,

    Does this plugin support sites that user only email address to login instead of username. Will this plugin work with this custom code in functions.php file

    Thanks for the recent update it works. Now for better security I do not use username to login but only email address with custom login error message. When I applied the code below in my functions.php. The login error that shows is (invalid request) instead of (Invalid email or password) as indicated in the code below, also the limit login attempts does not work with the code below. Is there another way to achieve login with email address only without any form of compromise with the bp branded login plugin.

     remove_filter('authenticate', 'wp_authenticate_username_password', 20);
    
     
    add_filter('authenticate', function($user, $email, $password){
    
        //Check for empty fields
        if(empty($email) || empty ($password)){        
            //create new error object and add errors to it.
            $error = new WP_Error();
    
            if(empty($email)){ //No email
                $error->add('empty_username', __('Email field is empty.'));
            }
            else if(!filter_var($email, FILTER_VALIDATE_EMAIL)){ //Invalid Email
                $error->add('invalid_username', __('Invalid email or password.'));
            }
    
            if(empty($password)){ //No password
                $error->add('empty_password', __('Password field is empty.'));
            }
    
            return $error;
        }
    
        //Check if user exists in WordPress database
        $user = get_user_by('email', $email);
    
        //bad email
        if(!$user){
            $error = new WP_Error();
            $error->add('invalid', __('Invalid email or password.'));
            return $error;
        }
        else{ //check password
            if(!wp_check_password($password, $user->user_pass, $user->ID)){ //bad password
                $error = new WP_Error();
                $error->add('invalid', __('Invalid email or password.'));
                return $error;
            }else{
                return $user; //passed
            }
        }
    }, 20, 3);
     

    Thanks for your support

  • You must be logged in to reply to this topic.