Changeset 9833

Timestamp:

05/07/2020 02:38:43 AM (6 years ago)

Author:

dd32

Message:

Login: Registration: Move to storing the user details in cookies to provide cleaner URLs.

Location:

sites/trunk

Files:

• common/includes/wporg-sso/wp-plugin.php (modified) (1 diff)
• wordpress.org/public_html/wp-content/themes/pub/wporg-login/pending-create.php (modified) (3 diffs)
• wordpress.org/public_html/wp-content/themes/pub/wporg-login/pending-profile.php (modified) (2 diffs)

sites/trunk/common/includes/wporg-sso/wp-plugin.php

@@ -161 +161 @@
             if ( 'user' === get_site_option( 'registration', 'none' ) ) {
                 // New "pending" registration flow.
-                $this->valid_sso_paths['pending-profile']  = '/register/create-profile/(?P<profile_user>[^/]+)/(?P<profile_key>[^/]+)';
-                $this->valid_sso_paths['pending-create']   = '/register/create/(?P<confirm_user>[^/]+)/(?P<confirm_key>[^/]+)';
+                $this->valid_sso_paths['pending-profile']  = '/register/create-profile(/(?P<profile_user>[^/]+)/(?P<profile_key>[^/]+))?';
+                $this->valid_sso_paths['pending-create']   = '/register/create(/(?P<confirm_user>[^/]+)/(?P<confirm_key>[^/]+))?';
 
                 // Primary registration route.

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/pending-create.php

@@ -6 +6 @@
  */
 
-$activation_user = WP_WPOrg_SSO::$matched_route_params['confirm_user'] ?? false;
-$activation_key  = WP_WPOrg_SSO::$matched_route_params['confirm_key']  ?? false;
+// Clear the pending cookies, they're no longer needed.
+if ( isset( $_COOKIE['wporg_profile_user'] ) ) {
+    setcookie( 'wporg_profile_user', false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );
+    setcookie( 'wporg_profile_key', false,  time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );
+}
+
+// Migrate to cookies.
+if ( !empty( WP_WPOrg_SSO::$matched_route_params['confirm_user'] ) ) {
+    setcookie( 'wporg_confirm_user', WP_WPOrg_SSO::$matched_route_params['confirm_user'], time()+DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );
+    setcookie( 'wporg_confirm_key',  WP_WPOrg_SSO::$matched_route_params['confirm_key'],  time()+DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );
+
+    wp_safe_redirect( '/register/create' );
+    die();
+}
+
+$activation_user = $_COOKIE['wporg_confirm_user'] ?? false;
+$activation_key  = $_COOKIE['wporg_confirm_key']  ?? false;
 
 $pending_user = wporg_get_pending_user( $activation_user );
@@ -36 +51 @@
 
 if ( ! $can_access ) {
-    wp_safe_redirect( "/" );
+    wp_safe_redirect( '/' );
     die();
 }
@@ -61 +76 @@
         $user = wporg_login_create_user_from_pending( $pending_user, $user_pass );
         if ( $user ) {
+            setcookie( 'wporg_confirm_user', false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );
+            setcookie( 'wporg_confirm_key',  false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );
+
+            // Log the user in
             wp_set_current_user( $user->ID );
             wp_set_auth_cookie( $user->ID, true );

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/pending-profile.php

@@ -6 +6 @@
  */
 
-$profile_user = WP_WPOrg_SSO::$matched_route_params['profile_user'] ?? false;
-$profile_key  = WP_WPOrg_SSO::$matched_route_params['profile_key']  ?? false;
+ // Migrate to cookies.
+if ( !empty( WP_WPOrg_SSO::$matched_route_params['profile_user'] ) ) {
+    setcookie( 'wporg_profile_user', WP_WPOrg_SSO::$matched_route_params['profile_user'], time()+DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );
+    setcookie( 'wporg_profile_key',  WP_WPOrg_SSO::$matched_route_params['profile_key'],  time()+DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );
+
+    wp_safe_redirect( '/register/create-profile' );
+    die();
+}
+
+$profile_user = $_COOKIE['wporg_profile_user'] ?? false;
+$profile_key  = $_COOKIE['wporg_profile_key']  ?? false;
 
 $pending_user = wporg_get_pending_user( $profile_user );
@@ -29 +38 @@
     die();
 } elseif ( ! $can_access ) {
-    wp_safe_redirect( home_url( '/linkexpired/' ) );
+    wp_safe_redirect( home_url( '/linkexpired' ) );
     die();
 }