How to customize password reset work-flow?

  • Resolved renatofrota

    (@renatofrota)


    10 years, 1 month ago

    Hello,

    I want to modify the password reset work-flow. More specifically, lines 238 to 241 of woocommerce/includes/shortcodes/class-wc-shortcode-my-account.php:

    if ( is_multisite() && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) {
                        wc_add_notice( __( 'Invalid username or e-mail.', 'woocommerce' ), 'error' );
                        return false;
                }

    What’s the recommended way of doing so, without editing the WC files directly? Is there a hook I can use?

    I want to allow store admins to enable a bypass for this error (allow password reset for users that are not members of the blog) and to perform some other code of my own instead of running “wc_add_notice” and “return false” (so, being more precise, I want to replace the lines 239 and 240 only, with other custom code).

    I am not asking for the code 😉 I was able to make it work the way I need by directly editing the file, but I know this is not the right way (it will be lost on plugin update), so I just need some guidance on how to customize it the right way.

    Thanks.

    https://wordpress.org/plugins/woocommerce/

Viewing 6 replies - 1 through 6 (of 6 total)
  • kamransyed

    (@kamransyed)

    10 years, 1 month ago

    If you want Woocommerce not to send password reset email and want to do it with your code you can 

    add_filter('allow_password_reset', 'my_custom_password_reset', 10, 2);

    return false in my_custom_password_reset function. This will stop woocommerce to reset password.

    To do it yourself you need to

    add_action('retrieve_password', 'custom_reset_solution');

    In custom_reset_solution user_login is passed as parameter. You can write you own logic here for password reset and sending email etc.

    Thanks,
    Kamran

    Thread Starter renatofrota

    (@renatofrota)

    10 years, 1 month ago

    Thanks, kamransyed

    However, this didn’t work.

    do_action( 'retrieve_password', $user_login );

    is fired only after

    ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() )

    test – i.e., custom_reset_solution is not called at all in my scenario (I want to customize the reset function exactly to make it bypass the “! is_user_member_of_blog” situation).

    The only action fired prior this test is lostpassword_post, but it do not passes the user ID or any useful information unless a failure happens on the user login check (what won’t be useful for me anyway).

    kamransyed

    (@kamransyed)

    10 years, 1 month ago

    You can use lostpassword_post hook instead of retrieve_password hook. lostpassword_post fires before ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() )

    Thread Starter renatofrota

    (@renatofrota)

    10 years, 1 month ago

    Unfortunately, no, I can’t.

    lostpassword_post do not carry any information about the user, so I can’t identify which user is requesting the reset.

    @mike Jolley: if an user that do not have a role on blog (“is not a member of blog”) can login, why can’t he request a password reset? This limitation do not make sense for me.

    Please remove this limitation or add a new hook I can use to customize this. 😉

    Thanks.

    kamransyed

    (@kamransyed)

    10 years, 1 month ago

    `
    $login = $_POST[‘user_login’];

    You can try above line in your function to see the login requested for.

    Thread Starter renatofrota

    (@renatofrota)

    10 years, 1 month ago

    Hello, kamransyed

    Thanks! Your continued assistance was of extreme importance!

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘How to customize password reset work-flow?’ is closed to new replies.