tbenyon

Fantastic news. Good luck with your project.

If you get a minute to write a review I’d be very grateful.

… and I forgot to say – Thank you for the beer ??

Hey there Sascha,

I’ve not worked on this plugin for some time so apologies that my answer may not be perfect.

As that is a beta feature it may not work, however it may not work well with the empty state.

What I would be more confident would work would be the exlog_hook_filter_custom_should_exclude hook. Here’s the notes on it from the documentation:

- exlog_hook_filter_custom_should_exclude

This hook allows you to add custom logic to exclude users.

It provides you with all the data for the user that is stored in the external database users table.
If you return true (or a string - see below regarding custom error messages) from this function it will prevent the
user logging in, and returning false will bypass this exclusion.

For example, let's say your external users table had a field called expiry which stored a date. In this example we
want to block users if they login after their expiry date.

Adding the following to your functions.php would achieve this:

<br>function myExlogCustomExcluder($userData) {<br>return strtotime($userData['expiry']) < strtotime('now');<br>}<br>add_filter('exlog_hook_filter_custom_should_exclude', 'myExlogCustomExcluder', 10, 1);<br>

Alternatively if you provide a string the user will be blocked and the string will be used as the error for the user.
<br>function myExlogCustomExcluder($userData) {<br>return strtotime($userData['expiry']) < strtotime('now') ? 'Your account has expired' : false;<br>}<br>add_filter('exlog_hook_filter_custom_should_exclude', 'myExlogCustomExcluder', 10, 1);<br>

The below code is what I imagine would work for you but I haven’t done any testing.

function myExlogCustomExcluder($userData) {
    return empty($userData['email_verified_at') ? 'Your e-mail has not been verified' : false;
}

add_filter('exlog_hook_filter_custom_should_exclude', 'myExlogCustomExcluder', 10, 1);

Hey there,

This was a personal project that I haven’t worked on for some years but I’ve had a quick look for you.

Unfortunately it appears you are correct and this is a limitation of the software. Although you could choose which field is used as the “username” on the external database it doesn’t allow for two options (e.g. e-mail OR username).

This project is fully open source so if you are a developer or would like to pay for a developer to add this feature the main logic would need adding here plugin-files/login/db.php

The repository can be found here.

If you have any other questions I’ll do my best to answer them.

Warm regards,

Tom ??

that’s great news ??

Hi there,

You need to ensure sqlsrv is installed on your server.

Kind regards,

Tom

Also, what happens if you press the test button?

Are you getting an error? What settings do you have configured in the first settings block?

This is the default behaviour of the plugin so you simply need to fill in the rest of the settings.

How to do what sorry?

I’m assuming “Site A” is a site with existing users and “Site B” is where you will be installing this plugin and expecting users from “Site A” to be able to login to “Site B”.

If this is what you want this is exactly what the plugin does. It does not sync user changes back to site A. When a user logs into Site B, a clone of that user is migrated to Site B.

I think I’ve answered your questions so I’m marking as resolved but if you have any other questions please keep firing questions.

Thanks ??

Hi there,

If you mean the stored hash in the local database is different to the external database, this is by design.

The external database could be using a different hashing algorithm to that which WordPress uses (bcrypt). Thus we always use WordPresses hashing (bcrypt) when storing the password. This also means that if the security of bcrypt is updated (e.g. more rounds) we still store the password in the most secure way.

I’m sure you’re aware but even if you use bcrypt twice to store the same password you will get different hashes as a new salt is used every time.

Regarding the second question, you are correct. Please read the “Is this plugin what I need?” section in the documentation. If you are looking for Single Sign On you should be looking at a different solution.

Hey Dario,

Thanks for the positive feedback.

To answer your question, the answer is no not really. To have a logged in session, WordPress relies on their being a logged in user stored.

You could theoretically use the hook exlog_hook_action_authenticated to annonomise the login details or something? I don’t know your use case for not wanting the users stored there.

Thanks,

Tom

• This reply was modified 8 months, 3 weeks ago by tbenyon.

Hey Leif,

Great question.

The biggest blocker on this is I hanven’t worked on this for over 3 years so would have to get myself familiar again with how it identifies users etc.

The code is publicly available if you were super keen to make a pull request to add the feature.

However, there is an added way for people to add any required customisations. You’ll find in the documentation about hooks one named exlog_hook_action_authenticated that gives an example of updating user data (though custom data – not default e-mail address).

Hope this helps but let me know if you have any more questions ??

Hey Leif,

I agree it’s in the bullet points and I can’t see it in the screenshots.

I haven’t worked on this project for over 3 years so I’ve forgotten but had a look in the code.

I found some code I wrote that I believe means there is a setting in the setting area. Probably added after I made the screenshots.

Reference for myself:

array(
                        "field_name" => "Redirect Location (External)",
                        "field_description" => "This is the location to navigate to outside of the site.<br>e.g. \"<b>https://www.ads-software.com/plugins/external-login/#reviews</b>\"",
                        "field_slug" => "external_login_option_redirection_location_external",
                        "type" => "text",
                        "required" => false,
                        "conditionals" => array(
                            "and",
                            array(
                                "condition_field" => "external_login_option_redirection_type",
                                "condition_field_value" => "external",
                                "condition_operator" => "="
                            ),
                        )
                    ),

I believe you’ll find this in the settings area when you install.

Looks like you get an option to either redirect within your wordpress site or to an external page.

Let me know if this solves your problem either way ??

• This reply was modified 9 months, 1 week ago by tbenyon.