Changeset 36617

Timestamp:

02/22/2016 11:14:27 PM (8 years ago)

Author:

ocean90

Message:

Authentication: Allow users to log in using their email address.

Introduces wp_authenticate_email_password() which is hooked into authenticate after wp_authenticate_username_password().

Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes #9568.

Location:

trunk

Files:

• src/wp-includes/default-filters.php (modified) (1 diff)
• src/wp-includes/pluggable.php (modified) (2 diffs)
• src/wp-includes/user.php (modified) (1 diff)
• src/wp-login.php (modified) (3 diffs)
• tests/phpunit/tests/auth.php (modified) (1 diff)

trunk/src/wp-includes/default-filters.php

@@ -343 +343 @@
 // Default authentication filters
 add_filter( 'authenticate', 'wp_authenticate_username_password',  20, 3 );
+
 add_filter( 'authenticate', 'wp_authenticate_spam_check',         99    );
 add_filter( 'determine_current_user', 'wp_validate_auth_cookie'          );

trunk/src/wp-includes/pluggable.php

@@ -549 +549 @@
  * @since 2.5.0
  *
- * @param string $username User's username.
+ * @param string $username User's username.
  * @param string $password User's password.
  * @return WP_User|WP_Error WP_User object if the credentials are valid,
@@ -576 +576 @@
         // TODO what should the error message be? (Or would these even happen?)
         // Only needed if all authentication handlers fail to return anything.
-        $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
+        $user = new WP_Error();
     }
 

trunk/src/wp-includes/user.php

@@ -164 +164 @@
                 __( '<strong>ERROR</strong>: The password you entered for the username %s is incorrect.' ),
                 '<strong>' . $username . '</strong>'
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
             ) .
             ' <a href="' . wp_lostpassword_url() . '">' .

trunk/src/wp-login.php

@@ -530 +530 @@
 <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">
     <p>
-        <label for="user_login" ><?php _e('Username or Email:') ?><br />
+        <label for="user_login" ><?php _e('Username or Email') ?><br />
         <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
     </p>
@@ -757 +757 @@
     if ( !empty($_POST['log']) && !force_ssl_admin() ) {
         $user_name = sanitize_user($_POST['log']);
-        if ( $user = get_user_by('login', $user_name) ) {
+        $user = get_user_by( 'login', $user_name );
+
+        if ( ! $user && strpos( $user_name, '@' ) ) {
+            $user = get_user_by( 'email', $user_name );
+        }
+
+        if ( $user ) {
             if ( get_user_option('use_ssl', $user->ID) ) {
                 $secure_cookie = true;
@@ -883 +889 @@
 <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post">
     <p>
-        <label for="user_login"><?php _e('Username') ?><br />
+        <label for="user_login"><?php _e('Username') ?><br />
         <input type="text" name="log" id="user_login"<?php echo $aria_describedby_error; ?> class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" /></label>
     </p>

trunk/tests/phpunit/tests/auth.php

@@ -312 +312 @@
         $this->assertInstanceOf( 'WP_Error', $check );
     }
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 }