search

BrianHenryIE / bh-wp-autologin-urls

Adds single-use passwords to WordPress emails' URLs for frictionless login. Adds magic email link to login screen.
GNU General Public License v2.0
44 stars 5 forks source link

Conflict with User Switching plugin #24

Open sisaacrussell opened 5 months ago

sisaacrussell commented 5 months ago

Bug Report

Testing this plugin on a site with the User Switching plugin installed throws the following error when visiting a link with the autologin enabled:

2024/02/18 06:14:04 [error] 39262#39262: *32635 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught Error: Undefined constant "USER_SWITCHING_SECURE_COOKIE" in /www/public/wp-content/plugins/user-switching/user-switching.php:1356
Stack trace:
#0 /www/public/wp-content/plugins/user-switching/user-switching.php(1291): user_switching_get_auth_cookie()
#1 /www/public/wp-includes/class-wp-hook.php(326): user_switching_clear_olduser_cookie('testclient@spru...')
#2 /www/public/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters(NULL, Array)
#3 /www/public/wp-includes/plugin.php(517): WP_Hook->do_action(Array)
#4 /www/public/wp-content/plugins/bh-wp-autologin-urls/src/wp-includes/class-login.php(166): do_action('wp_login', 'testclient@spru...', Object(WP_User))
#5 /www/public/wp-includes/class-wp-hook.php(324): BrianHenryIE\WP_Autologin_URLs\WP_Includes\Login->process(155)
....

Refreshing the page once after receiving the error will then load the page with the user logged in. Auto-login works as expected without the User Switching plugin active.

Issue also raised on WP.org Support tab

BrianHenryIE commented 5 months ago

I haven't looked into this properly yet, but I could not reproduce it with:

wp plugin install user-switching --activate 
wp autologin-urls get-url 3
Success: http://localhost:8080/bh-wp-autologin-urls/?autologin=3~5zvco5ujlHL0

... when I visited that URL it worked as expected.

I'll take a deeper look soon (I haven't actually looked into those functions named in that stacktrace yet).

BrianHenryIE commented 4 months ago

I think the correct fix for this is in the johnbillion/user-switching repo.

The login in this plugin occurs on the determine_current_user action, which runs before plugins_loaded, and fires the wp_login action.

The user-switching plugin listens for wp-login, user-switching.php#L1292-L1299, and checks for its cookie, user-switching.php#L1357-L1367, but the constants are defined on a function which doesn't run until plugins_loaded, user-switching.php#L93-L113

I don't think there's any good reason to defer defining those constants until plugins_loaded. Let me think about this for another couple of days and I'll open an issue in that repo.

Edit: related issue: https://github.com/johnbillion/user-switching/issues/40

BrianHenryIE commented 4 months ago

Some discussion/progress on this issue: https://github.com/johnbillion/user-switching/issues/115