function wsl_process_login()
{
if (!isset($_REQUEST['action']) || $_REQUEST['action'] != "wordpress_social_login") {
return;
}
if (isset($_REQUEST['redirect_to']) && $_REQUEST['redirect_to'] != '') {
$redirect_to = $_REQUEST['redirect_to'];
// Redirect to https if user wants ssl
if (isset($secure_cookie) && $secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
$redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
}
if (strpos($redirect_to, 'wp-admin')) {
$redirect_to = get_option('wsl_settings_redirect_url');
}
}
if (empty($redirect_to)) {
$redirect_to = get_option('wsl_settings_redirect_url');
}
if (empty($redirect_to)) {
$redirect_to = site_url();
}
try {
// load hybridauth
require_once dirname(__FILE__) . "/../hybridauth/Hybrid/Auth.php";
// selected provider name
$provider = @trim(strip_tags($_REQUEST["provider"]));
// build required configuratoin for this provider
if (!get_option('wsl_settings_' . $provider . '_enabled')) {
throw new Exception('Unknown or disabled provider');
}
$config = array();
$config["base_url"] = plugins_url() . '/' . basename(dirname(__FILE__)) . '/hybridauth/';
$config["providers"] = array();
$config["providers"][$provider] = array();
$config["providers"][$provider]["enabled"] = true;
// provider application id ?
if (get_option('wsl_settings_' . $provider . '_app_id')) {
$config["providers"][$provider]["keys"]["id"] = get_option('wsl_settings_' . $provider . '_app_id');
}
// provider application key ?
if (get_option('wsl_settings_' . $provider . '_app_key')) {
$config["providers"][$provider]["keys"]["key"] = get_option('wsl_settings_' . $provider . '_app_key');
}
// provider application secret ?
if (get_option('wsl_settings_' . $provider . '_app_secret')) {
$config["providers"][$provider]["keys"]["secret"] = get_option('wsl_settings_' . $provider . '_app_secret');
}
// create an instance for Hybridauth
$hybridauth = new Hybrid_Auth($config);
// try to authenticate the selected $provider
if ($hybridauth->isConnectedWith($provider)) {
$adapter = $hybridauth->getAdapter($provider);
$hybridauth_user_profile = $adapter->getUserProfile();
} else {
throw new Exception('User not connected with ' . $provider . '!');
}
$user_email = $hybridauth_user_profile->email;
} catch (Exception $e) {
die("Unspecified error. #" . $e->getCode());
}
$user_id = null;
// if the user email is verified, then try to map to legacy account if exist
// > Currently only Facebook, Google, Yhaoo and Foursquare do provide the verified user email.
if (!empty($hybridauth_user_profile->emailVerified)) {
$user_id = (int) email_exists($hybridauth_user_profile->emailVerified);
}
// try to get user by meta if not
if (!$user_id) {
$user_id = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
}
// if user found
if ($user_id) {
$user_data = get_userdata($user_id);
$user_login = $user_data->user_login;
} else {
// generate a valid user login
$user_login = str_replace(' ', '_', strtolower($hybridauth_user_profile->displayName));
if (!validate_username($user_login)) {
$user_login = strtolower($provider) . "_user_" . md5($hybridauth_user_profile->identifier);
}
// user name should be unique
if (username_exists($user_login)) {
$i = 1;
$user_login_tmp = $user_login;
do {
$user_login_tmp = $user_login . "_" . $i++;
} while (username_exists($user_login_tmp));
$user_login = $user_login_tmp;
}
// generate an email if none
if (!isset($user_email) or !is_email($user_email)) {
$user_email = strtolower($provider . "_user_" . $user_login) . "@example.com";
}
// email should be unique
if (email_exists($user_email)) {
do {
$user_email = md5(uniqid(wp_rand(10000, 99000))) . "@example.com";
} while (email_exists($user_email));
}
$userdata = array('user_login' => $user_login, 'user_email' => $user_email, 'first_name' => $hybridauth_user_profile->firstName, 'last_name' => $hybridauth_user_profile->lastName, 'user_nicename' => $hybridauth_user_profile->displayName, 'display_name' => $hybridauth_user_profile->displayName, 'user_url' => $hybridauth_user_profile->profileURL, 'description' => $hybridauth_user_profile->description, 'user_pass' => wp_generate_password());
// Create a new user
$user_id = wp_insert_user($userdata);
// update user metadata
if ($user_id && is_integer($user_id)) {
update_user_meta($user_id, $provider, $hybridauth_user_profile->identifier);
} else {
die("An error occurred while creating a new user!");
}
}
$user_age = $hybridauth_user_profile->age;
// not that precise you say... well welcome to my world
if (!$user_age && (int) $hybridauth_user_profile->birthYear) {
$user_age = (int) date("Y") - (int) $hybridauth_user_profile->birthYear;
}
update_user_meta($user_id, 'wsl_user', $provider);
update_user_meta($user_id, 'wsl_user_gender', $hybridauth_user_profile->gender);
update_user_meta($user_id, 'wsl_user_age', $user_age);
update_user_meta($user_id, 'wsl_user_image', $hybridauth_user_profile->photoURL);
wp_set_auth_cookie($user_id);
wp_safe_redirect($redirect_to);
exit;
}
function wsl_process_login_hybridauth_authenticate($provider, $redirect_to)
{
try {
# Hybrid_Auth already used?
if (class_exists('Hybrid_Auth', false)) {
return wsl_render_notices_pages(_wsl__("Error: Another plugin seems to be using HybridAuth Library and made WordPress Social Login unusable. We recommand to find this plugin and to kill it with fire!", 'wordpress-social-login'));
}
// load hybridauth
require_once WORDPRESS_SOCIAL_LOGIN_ABS_PATH . "/hybridauth/Hybrid/Auth.php";
// build required configuratoin for this provider
if (!get_option('wsl_settings_' . $provider . '_enabled')) {
throw new Exception('Unknown or disabled provider');
}
$config = array();
$config["providers"] = array();
$config["providers"][$provider] = array();
$config["providers"][$provider]["enabled"] = true;
// provider application id ?
if (get_option('wsl_settings_' . $provider . '_app_id')) {
$config["providers"][$provider]["keys"]["id"] = get_option('wsl_settings_' . $provider . '_app_id');
}
// provider application key ?
if (get_option('wsl_settings_' . $provider . '_app_key')) {
$config["providers"][$provider]["keys"]["key"] = get_option('wsl_settings_' . $provider . '_app_key');
}
// provider application secret ?
if (get_option('wsl_settings_' . $provider . '_app_secret')) {
$config["providers"][$provider]["keys"]["secret"] = get_option('wsl_settings_' . $provider . '_app_secret');
}
// create an instance for Hybridauth
$hybridauth = new Hybrid_Auth($config);
// try to authenticate the selected $provider
if ($hybridauth->isConnectedWith($provider)) {
$adapter = $hybridauth->getAdapter($provider);
$hybridauth_user_profile = $adapter->getUserProfile();
// check hybridauth user email
$hybridauth_user_id = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
$hybridauth_user_email = sanitize_email($hybridauth_user_profile->email);
$hybridauth_user_login = sanitize_user($hybridauth_user_profile->displayName);
$request_user_login = "";
$request_user_email = "";
# {{{ linking new accounts
// Bouncer :: Accounts Linking is enabled
if (get_option('wsl_settings_bouncer_linking_accounts_enabled') == 1) {
// if user is linking account
// . we DO import contacts
// . we DO store the user profile
//
// . we DONT create another entry on user table
// . we DONT create nor update his data on usermeata table
if ($_REQUEST['action'] == "wordpress_social_link") {
global $current_user;
get_currentuserinfo();
$user_id = $current_user->ID;
return wsl_process_login_authenticate_wp_user_linked_account($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile);
}
// check if connected user is linked account
$linked_account = wsl_get_user_linked_account_by_provider_and_identifier($provider, $hybridauth_user_profile->identifier);
// if linked account found, we connect the actual user
if ($linked_account) {
if (count($linked_account) > 1) {
return wsl_render_notices_pages(_wsl__("This {$provider} is linked to many accounts!", 'wordpress-social-login'));
}
$user_id = $linked_account[0]->user_id;
if (!$user_id) {
return wsl_render_notices_pages(_wsl__("Something wrong!", 'wordpress-social-login'));
}
return wsl_process_login_authenticate_wp_user($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile);
}
}
# }}} linking new accounts
# {{{ module Bouncer
// Bouncer :: Filters by emails domains name
if (get_option('wsl_settings_bouncer_new_users_restrict_domain_enabled') == 1) {
if (empty($hybridauth_user_email)) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'));
}
$list = get_option('wsl_settings_bouncer_new_users_restrict_domain_list');
$list = preg_split('/$\\R?^/m', $list);
$current = strstr($hybridauth_user_email, '@');
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower("@{$item}")) == strtolower($current)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'));
}
}
// Bouncer :: Filters by e-mails addresses
if (get_option('wsl_settings_bouncer_new_users_restrict_email_enabled') == 1) {
if (empty($hybridauth_user_email)) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'));
}
$list = get_option('wsl_settings_bouncer_new_users_restrict_email_list');
$list = preg_split('/$\\R?^/m', $list);
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower($item)) == strtolower($hybridauth_user_email)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'));
}
}
// Bouncer :: Filters by profile urls
if (get_option('wsl_settings_bouncer_new_users_restrict_profile_enabled') == 1) {
$list = get_option('wsl_settings_bouncer_new_users_restrict_profile_list');
$list = preg_split('/$\\R?^/m', $list);
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower($item)) == strtolower($hybridauth_user_profile->profileURL)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_profile_text_bounce'));
}
}
// if user do not exist
if (!$hybridauth_user_id) {
// Bouncer :: Accept new registrations
if (get_option('wsl_settings_bouncer_registration_enabled') == 2) {
return wsl_render_notices_pages(_wsl__("registration is now closed!", 'wordpress-social-login'));
}
// Bouncer :: Profile Completion
if (get_option('wsl_settings_bouncer_profile_completion_require_email') == 1 && empty($hybridauth_user_email) || get_option('wsl_settings_bouncer_profile_completion_change_username') == 1) {
do {
list($shall_pass, $request_user_login, $request_user_email) = wsl_process_login_complete_registration($provider, $redirect_to, $hybridauth_user_email, $hybridauth_user_login);
} while (!$shall_pass);
}
}
# }}} module Bouncer
} else {
throw new Exception('User not connected with ' . $provider . '!');
}
} catch (Exception $e) {
return wsl_render_notices_pages(sprintf(_wsl__("Unspecified error. #%d", 'wordpress-social-login'), $e->getCode()));
}
$user_id = null;
// if the user email is verified, then try to map to legacy account if exist
// > Currently only Facebook, Google, Yahaoo and Foursquare do provide the verified user email.
if (!empty($hybridauth_user_profile->emailVerified)) {
$user_id = (int) email_exists($hybridauth_user_profile->emailVerified);
}
// try to get user by meta if not
if (!$user_id) {
$user_id = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
}
return array($user_id, $adapter, $hybridauth_user_profile, $hybridauth_user_id, $hybridauth_user_email, $request_user_login, $request_user_email);
}
