License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html
Free and simple to setup plugin provides registration and login with the Hellō Wallet. Users choose from popular social login, email, or phone.
This plugin allows to authenticate users against OpenID Connect OAuth2 API with Authorization Code Flow. Once installed, it can be configured to automatically authenticate users (SSO), or provide a "Login with OpenID Connect" button on the login form. After consent has been obtained, an existing user is automatically logged into WordPress, while new users are created in WordPress database.
Much of the documentation can be found on the Settings > Hellō Login dashboard page.
See "Installation" section in README.md.
Installation:
composer require hellocoop/wordpress
This plugin provides a number of hooks to allow for a significant amount of customization of the plugin operations from elsewhere in the WordPress system.
Filters are WordPress hooks that are used to modify data. The first argument in a filter hook is always expected to be returned at the end of the hook.
WordPress filters API - add_filter() and
apply_filters().
Most often you'll only need to use add_filter() to hook into this plugin's code.
Determine whether or not the user should be logged into WordPress.
Provides 2 arguments: the boolean result of the test (default TRUE), and the $user_claim array from the server.
add_filter('hello-login-user-login-test', function( $result, $user_claim ) {
// Don't let Terry login.
if ( $user_claim['email'] == '[email protected]' ) {
$result = FALSE;
}
return $result;
}, 10, 2);Determine whether or not the user should be created. This filter is called when a new user is trying to login and they do not currently exist within WordPress.
Provides 2 arguments: the boolean result of the test (default TRUE), and the $user_claim array from the server.
add_filter('hello-login-user-creation-test', function( $result, $user_claim ) {
// Don't let anyone from example.com create an account.
$email_array = explode( '@', $user_claim['email'] );
if ( $email_array[1] == 'example.com' ) {
$result = FALSE;
}
return $result;
}, 10, 2) Modify a new user's data immediately before the user is created.
Provides 1 argument: the $user_data array that will be sent to wp_insert_user().
add_filter('hello-login-alter-user-data', function( $user_data ) {
// Don't register any user with their real email address. Create a fake internal address.
if ( !empty( $user_data['user_email'] ) ) {
$email_array = explode( '@', $user_data['user_email'] );
$email_array[1] = 'my-fake-domain.co';
$user_data['user_email'] = implode( '@', $email_array );
}
return $user_data;
}, 10, 2);WordPress actions are generic events that other plugins can react to.
Actions API: add_action and do_actions
You'll probably only ever want to use add_action when hooking into this plugin.
React to a new user being created by this plugin.
Provides 1 argument: the \WP_User object that was created.
add_action('hello-login-user-create', function( $user ) {
// Send the user an email when their account is first created.
wp_mail(
$user->user_email,
__('Welcome to my web zone'),
"Hi {$user->first_name},\n\nYour account has been created at my cool website.\n\n Enjoy!"
);
}, 10, 2);React to the user being updated after login. This is the event that happens when a user logins and they already exist as a user in WordPress, as opposed to a new WordPress user being created.
Provides 1 argument: the user's WordPress user ID.
add_action('hello-login-user-update', function( $uid ) {
// Keep track of the number of times the user has logged into the site.
$login_count = get_user_meta( $uid, 'my-user-login-count', TRUE);
$login_count += 1;
add_user_meta( $uid, 'my-user-login-count', $login_count, TRUE);
});React to an existing user logging in (after authentication and authorization).
Provides 2 arguments: the WP_User object, and the $user_claim provided by the IDP server.
add_action('hello-login-update-user-using-current-claim', function( $user, $user_claim) {
// Based on some data in the user_claim, modify the user.
if ( !empty( $user_claim['wp_user_role'] ) ) {
if ( $user_claim['wp_user_role'] == 'should-be-editor' ) {
$user->set_role( 'editor' );
}
}
}, 10, 2); React to a user being redirected after a successful login. This hook is the last hook that will fire when a user logs in. It will only fire if the plugin setting "Redirect Back to Origin Page" is enabled at Dashboard > Settings > Hellō Login. It will fire for both new and existing users.
Provides 2 arguments: the url where the user will be redirected, and the WP_User object.
add_action('hello-login-redirect-user-back', function( $redirect_url, $user ) {
// Take over the redirection complete. Send users somewhere special based on their capabilities.
if ( $user->has_cap( 'edit_users' ) ) {
wp_redirect( admin_url( 'users.php' ) );
exit();
}
}, 10, 2); React to a user being logged in.
Provides 1 argument: the WP_User object.
add_action('hello-login-user-logged-in', function( $user ) {
// Keep track of the number of times the user has logged into the site.
$login_count = get_user_meta( $user->ID, 'my-user-login-count', TRUE);
$login_count += 1;
add_user_meta( $user->ID, 'my-user-login-count', $login_count, TRUE);
});This plugin stores metadata about the user for both practical and debugging purposes.
hello-login-subject-identity- The identity of the user provided by the IDP server.hello-login-last-token- The user's most recent Id Token or other JWT, stored as a string.hello-login-invite_created- The Hellō invite event payload as a JSON string based on which the user account was created, linked or promoted.