function override_authentication($user, $username, $password)
{
// Mirror standard WP authentication
if (is_a($user, 'WP_User')) {
return $user;
}
if (!empty($username)) {
// We have a login attempt so we are going to take over the authentication here
// 1. Check the user exists
if ($user = get_user_by('login', $username)) {
// 2. We have a user so check if they have an expired password.
if (!shrkey_has_usermeta_oncer($user->ID, '_shrkey_password_expired')) {
// No expired password setting for this user so fall through to original authentication
return;
}
// 3. We now need to authentication this user ourselves before we can continue
$authenticated = wp_authenticate_username_password('', $username, $password);
if (is_wp_error($authenticated)) {
// The credentials are not valid, so we'll return and fall through to the original function
return;
}
// We are still here so remove the original authentication method as we no longer need it
remove_action('authenticate', 'wp_authenticate_username_password', 20, 3);
// 4. Show the change password form as we want to force a password change at this point
$this->show_reset_password_form($authenticated, wp_generate_password(35, false), isset($_POST['redirect_to']) ? $_POST['redirect_to'] : false);
// Exit because we don't want to continue processing or pass anything along the chain at this point
exit;
} else {
// Invalid username - return and fall through to the original authentication function handle it
return;
}
}
return;
}
function add_user_action($actions, $user_object)
{
if (!shrkey_has_usermeta_oncer($user_object->ID, '_shrkey_password_expired')) {
$actions['userexpirepassword'] = "******" . wp_nonce_url("users.php?action=userexpirepassword&user="******"' title='" . __('Expire users password', 'expirepassword') . "'>" . __('Expire Password', 'expirepassword') . "</a>";
}
return $actions;
}