/** * Front controller for LaunchKey Native/White Label authentication * * * @param WP_User $user Unused parameter always passed first by authenticate filter * @param string $username Username specified by the user in the login screen * @param string $password Password specifiedby the user in the login screen * * @since 1.0.0 */ public function authentication_controller($user, $username, $password) { if ($username && empty($password)) { // If username and no password, user is attempting passwordless login // Find the user by login $user = $this->wp_facade->get_user_by('login', $username); // If we have a user and thatg user is paired if ($user instanceof WP_User && $user->launchkey_username) { // Remove username and password authentication $this->wp_facade->remove_all_filters('authenticate'); // Work Around: Add a bogus filter to make sure that the launchkey_authentication filter will still run $this->wp_facade->add_filter('authenticate', array($this, 'null_method')); // Register LaunchKey authentication $this->wp_facade->add_filter('authenticate', array($this, 'launchkey_user_authentication'), 30, 2); } } elseif (!$username && !$password && ($user = $this->wp_facade->wp_get_current_user())) { // If no username or password and there is a current user, we are validating user is still logged in if ($user && $user->launchkey_username && 'false' === $user->launchkey_authorized) { $this->wp_facade->wp_logout(); } } }