External database just as a “first time check”

  • Resolved fefo1983

    (@fefo1983)


    4 years, 11 months ago

    Hi Tom,

    first of all thanks a lot for this great plugin and the passionate support you are giving to all the users and the WP community!

    I need to achieve the following user path and I’d like to know if you find your plugin could be used for this purpose:

    – The user does the first login on the WordPress site using two identifiers stored in an external DB (email and a 4-digits code). Registrations are closed anyway since this website should be accessible just to members included in the external database.
    – The plugin creates the user account in WordPress and, just for the first time, forces the user to create a more secure password than the 4-digits code.
    – From that moment on, the user logs in using JUST the new WordPress account, without being able to login using the 4-digits code (the old password).

    Do you think this is possible?

    Thanks a lot!

    PS: a beer is on its way to you!

    • This topic was modified 4 years, 11 months ago by fefo1983.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author tbenyon

    (@tbenyon)

    Hey @fefo1983,

    Firstly thank you for the beer!!! Really appreciated ?? Made my day. You’ll be glad to know it will be spent on a BrewDog order ??

    So the plugin will achieve half of what you’re looking for and I think could potentially tie in nicely if you code the rest of the flow.

    To break down your bullets to the three steps:

    1. This is achievable with the plugin. You would just set the plugin to not use a hashing algorithm so that the plain 4 digit code would be validated against the database
    2. Yes the plugin will create a user account, and it will use the 4 digit code as the password and hash that into the database. However, it does not have any functionality to force the user to change their password. I will talk about what you could to to solve this step below
    3. The plugin has a setting called migration mode that will solve this problem for you. It means that if the user already exists in the local database they will not be searched for again in the external database.

    A way you could solve the missing part of the flow you want to achieve…
    The plugin uses WordPress’ ‘authenticate’ hook to validate and return the user to log them in. You could add a custom hook to the ‘wp_login’ hook that would:

    1. Check if there is a meta data field for the user that just logged in to say they’ve setup their new password
    2. Redirect them to change their password if they haven’t set it up. Once they have, add a flag for this user

    There are probably a lot of plugins that will do this for you. I can’t say if they’re any good but I found a couple that you could try if you’re happy to use those. You could see how they behave with External Login?

    Let me know your thoughts . . .

    ??

    Plugin Author tbenyon

    (@tbenyon)

    Hey @fefo1983,

    Haven’t heard back from you for a while so I’m going to assume this is resolved.

    If not, don’t hesitate to get back in contact and we’ll see what we can do ??

    Thanks,

    Tom ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘External database just as a “first time check”’ is closed to new replies.