Making WordPress.org


Ignore:
Timestamp:
12/04/2016 05:54:55 PM (8 years ago)
Author:
dd32
Message:

Login.WordPress.org: Allow user registration through login.wordpress.org

This change does many things, including, but not limited to:

  • Making all the routes have proper templates, rather than being template-parts
  • Removing all the extra WordPress functionalities and outputs
  • Adding the Registration pages and routes
  • Updating SSO to handle routes with URL params
  • Adding rest endpoints for username/email validation

See #148, #1524

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/common/includes/wporg-sso/wp-plugin.php

    r4413 r4470  
    2222            'lostpassword' => '/lostpassword',
    2323            'oauth'        => '/oauth',
     24            'register-profile' => '/register/profile/(?P<profile_user>[^/]+)/(?P<profile_nonce>[^/]+)',
     25            'register-confirm' => '/register/confirm/(?P<confirm_user>[^/]+)/(?P<confirm_key>[^/]+)',
     26            'register'         => '/register',
    2427        );
     28
     29        /**
     30         * Holds the route hit in `valid_sso_paths`
     31         * @var bool|string
     32         */
     33        static $matched_route = false;
     34
     35        /**
     36         * Holds any matched route params.
     37         * @var array
     38         */
     39        static $matched_route_params = array();
    2540
    2641        /**
     
    7085         */
    7186        public function disable_password_reset_for_blocked_users( $allow, $user_id ) {
    72             if ( ! defined( 'WPORG_SUPPORT_FORUMS_BLOGID' ) ) {
     87            if ( ! $allow || ! defined( 'WPORG_SUPPORT_FORUMS_BLOGID' ) ) {
    7388                return $allow;
    7489            }
     
    7691            $user = new WP_User( $user_id, '', WPORG_SUPPORT_FORUMS_BLOGID );
    7792            $is_blocked = ! empty( $user->allcaps['bbp_blocked'] );
     93
    7894            return ! $is_blocked;
    7995        }
     
    150166                if ( ! preg_match( '!/wp-login\.php$!', $this->script ) ) {
    151167                    // ... but not on its login screen.
    152                     if ( preg_match( '!^(' . implode( '|', $this->valid_sso_paths ) . ')([/?]{1,2}.*)?$!', $_SERVER['REQUEST_URI'] ) ) {
    153                         // If we're on the path of interest
    154 
     168                    self::$matched_route = false;
     169                    self::$matched_route_params = array();
     170                    foreach ( $this->valid_sso_paths as $route => $regex ) {
     171                        if ( preg_match( '!^' . $regex . '(?:[/?]{1,2}.*)?$!', $_SERVER['REQUEST_URI'], $matches ) ) {
     172                            self::$matched_route = $route;
     173                            self::$matched_route_params = $matches;
     174                            break;
     175                        }
     176                    }
     177
     178                    // If we're on the path of interest
     179                    if ( self::$matched_route ) {
    155180                        // Add a custom filter others can apply (theme, etc).
    156181                        add_filter( 'is_valid_wporg_sso_path' , '__return_true' );
     
    187212                            }
    188213                        }
     214                    } elseif ( ( is_admin() && is_super_admin() ) || preg_match( '!^/wp-json(/?$|/.+)!i', $_SERVER['REQUEST_URI'] ) ) {
     215                        // Do nothing, allow access to wp-admin and wp-json on login.wordpress.org
    189216                    } elseif ( is_user_logged_in() ) {
    190217                        // Logged in catch all, before last fallback
Note: See TracChangeset for help on using the changeset viewer.