Compatibility with Jetpack SSO

  • Resolved bewster

    (@bewster)


    4 years, 10 months ago

    I am attempting to understand why I can still login with a username and password from the maintenance screen when I have enabled the Jetpack setting to block password based login?

    From what I can determine, from the various sources, is Jetpack only adds the filter for ‘authenticate’ on the wp-login page (via the login_init action).

    As the maintenance page is using a custom login form, the logic to register the filter is not triggered.

    I am not sure if this an “issue” with your plugin, or whether Jetpack should be registering the filter through some other logic so the wp_signon gets blocked?

    – I know I could just disable the frontend login; but first tried it and was surprised it worked (as I had expected the login to fail).

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Alexandru Tapuleasa

    (@talextech)

    4 years, 10 months ago

    Hi,

    Thank you for letting us know! I have added that to our ToDo list to check at some point. If there’s something we will be able to do on our end we will change it in one of the future versions. In the meantime you can just disable the frontend login, yes 🙂

    Plugin Author WebFactory

    (@webfactory)

    4 years, 10 months ago

    We’ll have a look at that and see if it’s fixable but generally speaking, our plugin is not compatible with Jetpack SSO (or any other plugin that modifies the login behavior).

    Thread Starter bewster

    (@bewster)

    4 years, 10 months ago

    Hi, yes I understand.

    I plan to ask a similar question to the Jetpack team.

    I am not sure it is right for your custom login form to

    do_action( 'login_init' );

    as the wp-login.php does (it might have different side effects).

    Maybe it is Jetpack that should call the add_filter elsewhere, and not wait for the login_init callback to add the filter.

    Your plugin is a nice one. It would be convenient to run both plugins together.
    Can you consider a third option for a login button, that takes the visitor to the standard login page (so Jetpack can do it’s work there)?

    Front-end login is still useful for selected users to review a site under maintenance.

    Plugin Author WebFactory

    (@webfactory)

    4 years, 10 months ago

    Hi,
    At the moment we don’t have plans to add that option.

    We’ll see if we can make it compatible with Jetpack.

    Thread Starter bewster

    (@bewster)

    4 years, 10 months ago

    Thanks, on my installation(s) I have modified your plugin to adjust the login form.

    Using the following to determine of the Jetpack option is set:

    if (apply_filters('jetpack_remove_login_form', get_option('jetpack_sso_remove_login_form', false))) {

    Whether you want to consider some filters of your own to allow customisation of the login form.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Compatibility with Jetpack SSO’ is closed to new replies.