Prevent automatically logging in users

[Verso68]

Hi! So here’s the situation: I am selling different membership types in my website, not just one. I want to protect the signup and log in pages with an Unlock key, so only key owners can purchase a membership and login as subscribers.

So I protected the login form with the Unlock plugin. I don’t want anyone who doesn’t own a key to access that form as they could sell their key and still be able to log in. However, once the plugin validates the user’s key, the login form does not appear, and that is because the user has been ALREADY logged in.

Basically, it seems that the Unlock plugin automatically logs in users in Wordpress when it validates their key. Even though I unchecked the “Anyone can register” option at “Settings > General”, so Unlock won’t create new subscribers, it is not a solution. Yes, it does not create new subscribers, but oddly it still logs in users to Wordpress when their key is validated.

A solution for those people like me that sell different membership types (and we just want one lock contract, not a different lock contract/key for each membership), would be not to immediately log in users when the plugin detects the key. Just make the protected content visible, but not log in the user in any way —or at least give the option to choose if we want to log the users in, or just make the content available.

Thank you!

[julien51]

Thanks @Verso68 for your patience here!

I want to protect the signup and log in pages with an Unlock key, so only key owners can purchase a membership and login as subscribers.

This is not really how the plugin works and would actually in practice be really hard to do because to check whether a user has a valid key, they first need to be a... user :) and you need to know which user they are (they need to be logged in).

May I ask why you want to achieve this? In most application that are doing any kind of check on whether the user has a valid membership (in the web2 world!) the application first asks the user to login/signup and then then verifies that the user does indeed have a valid membership.

[Verso68]

Hi @julien51,

This is not really how the plugin works and would actually in practice be really hard to do because to check whether a user has a valid key, they first need to be a... user :) and you need to know which user they are (they need to be logged in).

Actually this is something different to what I intend to do. I am using a membership WordPress plugin (Memberpress) with 3 different membership types. Why I am doing that instead of creating 3 different Unlock-Protocol membership tokens? Well, it is because I can integrate Memberpress with Discourse. So when a user reaches a certain user level on Discourse based on his/her participation in the community, he is automatically upgraded to a higher membership tier.

Therefore, I want the key lock just to protect the "Purchase membership" form. Anyone who has not purchased the key lock cannot become a member. Once they unlock that page and purchase a membership through Memberpress, I have all these options of automatically upgrading/downgrading memberships based on their activity at Discourse.

Also, Memberpress lets me grant trial periods, discount coupons, etc, which are useful for my marketing strategies.

This is why if the Unlock Protocol plugin logs them in, the signup form from Memberpress does not appear and they cannot purchase the Membership.

I know it is a different route than what Unlock Protocol is meant to be, but as long as it doesn't speak to Discourse or similar community softwares or allows for promotional codes, etc, I need to look for alternative solutions. If I just needed a standard, single membership, then it would be my default choice.

Meanwhile, I think I am going to build a plugin that just detects the key and shows the signup form if the key is detected, without login in the user. I'll keep you updated!