I have inserted two custom fields called user_login_status
and activation_code
in wp_usermeta
table.
My code on login
page
function dlf_auth( $username, $password ) {
global $user;
get_currentuserinfo();
$creds = array();
$creds['user_login'] = $username;
$creds['user_password'] = $password;
$creds['remember'] = true;
$user = wp_signon( $creds, false );
if ( is_wp_error($user) ) {
//get user email
$email = $_POST['login_name'];
$users= get_user_by( 'email', $email );//
$key = 'user_login_status';
//get user login status
$user_status = get_user_meta( $users->ID, $key);
$user_approve = $user_status[0];
$error_msg = '';
//if email does not exist in DB
if(!email_exists( $email ) ){
$error_msg = 'ERROR: E-mail address does not exist.';
//if user is not approved
}elseif($user_approve == 0){
$error_msg = 'ERROR: Your account is not activated.';
//if invalid email or password
}else{
$error_msg = 'ERROR: Invalid e-mail address or password.';
}
echo $error_msg;
}
if ( !is_wp_error($user)) {
wp_redirect(site_url().'/overview');
exit();
}
}
Here I am not able to validate user if the account is not yet activated. User can still able to login.
How can I check authentication using users meta_data as well ? I do not wanmt to modify core wp_user
table.
Is the function wp_signon
not checking additional meta_data
validation ?
WordPress in itself does not something like validation, so thats something you added yourself. Therefor you should check for the approve info before using wp_signon to log a user in.
I am facing same problem few days ago than i found the solution for this i need to use custom user authentication on ajax base please check below code
<?php
function custom_login_form() {
if(!empty($_POST) && $_POST['action'] == 'custom_login_form') {
$creds = array();
$creds['user_login'] = $_REQUEST['username'];
$creds['user_password'] = $_REQUEST['password'];
$creds['remember'] = false;
$user = wp_signon( $creds, false );
if(!is_wp_error($user)) {
if(!empty($user) ) {
/* Use custom query or condition here for check extra values */
$customCondition = true
if($customCondition) {
return true;
} else {
wp_logout();
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
}