[wp-trac] [WordPress Trac] #29889: Login redirect to login page even if authenticated

WordPress Trac noreply at wordpress.org
Wed Oct 8 14:50:19 UTC 2014 

#29889: Login redirect to login page even if authenticated
------------------------------------+------------------------------
 Reporter:  sgissinger              |       Owner:
     Type:  defect (bug)            |      Status:  new
 Priority:  normal                  |   Milestone:  Awaiting Review
Component:  Login and Registration  |     Version:  3.9.2
 Severity:  normal                  |  Resolution:
 Keywords:  reporter-feedback       |     Focuses:
------------------------------------+------------------------------

Comment (by sgissinger):

 Replying to [comment:1 johnbillion]:
 > Thanks for the report sgissinger. I'm unable to reproduce the problem
 you're experiencing. Note that the `login_redirect` filter is applied each
 time you view the login screen (even if you don't attempt to log in) in
 order to control where the redirect goes after the user does log in.
 >
 > By default, the `$user` parameter in this situation is an empty
 `WP_Error` object. However, when you successfully log in the `$user`
 parameter will be a `WP_User` object.
 >
 > Can you confirm that the bug still exists with the default theme
 activated and all other plugins deactivated? Also note that your callback
 function hooked into `login_redirect` shouldn't actually perform the
 redirect, it should just return the redirect location (but I think you're
 doing that anyway).


 Yes my custom {{{login_redirect}}} only returns a simple string nothing
 else.

 But the {{{WP_Error}}} is not empty. I've done a {{{var_dump}}} and it's
 filled by {{{elseif ( isset( $_POST['testcookie'] ) && empty( $_COOKIE[
 TEST_COOKIE ] ) ) {}}} condition.

 == I think I omit some information ==
 We use a custom login URL set in the {{{login_url}}} filter which also
 returns only a simple string.
 This login URL only do the following (don't ask why please, it's a stupid
 reasaon but we do not have the choice ^^)
 {{{
 echo file_get_contents("https://{$_SERVER['HTTP_HOST']}/extranet/wp-
 login.php");
 }}}


 Our WP is configured with multisite using the following cookie/login
 configuration
 {{{
 define('WP_ALLOW_MULTISITE', true);
 define('MULTISITE',          true);

 define('SUBDOMAIN_INSTALL',    false);
 define('DOMAIN_CURRENT_SITE',  'www.example.com');
 define('PATH_CURRENT_SITE',    '/extranet/');

 define('FORCE_SSL_ADMIN', true);
 define('FORCE_SSL_LOGIN', true);

 define('SITECOOKIEPATH',  '/');
 define('COOKIEPATH',      '/');
 }}}

 We use {{{/}}} for cookie pathes because we integrate WP auth in custom
 projects located in pathes different from {{{/extranet}}}.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/29889#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list