[wp-trac] [WordPress Trac] #47192: Allow users to enter recovery mode via their registered email
WordPress Trac
noreply at wordpress.org
Mon Jan 13 16:08:51 UTC 2020
#47192: Allow users to enter recovery mode via their registered email
----------------------------------+------------------------------
Reporter: spacedmonkey | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Site Health | Version: 5.2
Severity: normal | Resolution:
Keywords: servehappy has-patch | Focuses:
----------------------------------+------------------------------
Comment (by TimothyBlynJacobs):
> This wasn't what we agreed on.
My mistake, I thought we were talking about a defined list of emails.
> What I thought was agree was to hook into login / user edit, to check if
user has access to recovery mode and save a cache in user meta. This way,
we should be able to trust user meta over capability check.
I don't have any issue with moving to user meta. I think you're right it
makes more sense.
> I also do like the user of wp_die here. It seem out of place and
confusing.
Yeah, my use of `wp_die()` here was mainly to be used as a convenient way
to scaffold HTML for a prototype. I think once we have a design, we'd need
to switch to an alternate templating mechanism of some kind.
> As much of I hate using wp-login.php styling, as it hard to work with,
it is much less confusing to a user.
It can be difficult to style as a developer, but that isn't my main
concern. My main concern is that we can't actually let the entirety of
`wp-login.php` load before printing our form. Otherwise, plugins will be
loaded which means the page could crash if one of those plugins had a
fatal error.
My worry about styling, is that if we simply copy the `login_header()`
function, for instance, into a separate file that could be included in
isolation, end users won't be able have their existing custom styles
applied. If we think that is a worthwhile trade off, I think moving those
functions would be a great solution.
> I am going to add some stuff to my original patch
Which part? It seems incompatible with the alternate approach. ( Forcing
Recovery Mode vs cached permission checks ).
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47192#comment:18>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list