Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(Sessions): Add remember me feature via a filter #513

Merged
merged 4 commits into from
Mar 17, 2024
Merged

feat(Sessions): Add remember me feature via a filter #513

merged 4 commits into from
Mar 17, 2024

Conversation

menno-ll
Copy link
Contributor

@menno-ll menno-ll commented Feb 13, 2024
edited
Loading

All Submissions:

Changes proposed in this Pull Request:

Closes #512 .

This change allows the user to, using a filter, login users via the rememberme option in WordPress.
The wordpress login cookies will then be set for 14 days by default instead of two days as a session.

I originally wanted to use the token expiration date to do so, however this doesn't seem possible as you cannot pass an expiration date to the wp_set_auth_cookie function. So instead I chose to implement the remember me feature as used by WordPress itself.

What could maybe be possible is to dynamically add a filter for auth_cookie_expiration, so the WP user cookie expiration can be set to the same value. This filter needs to be added temporarily, and then removed.
However this is kind of hacky and i think it would be better to submit that as a separate PR after this one is approved.

How to test the changes in this Pull Request:

  1. In your theme, add add_filter( 'openid-connect-generic-remember-me', '__return_true' ); to the functions.php file.
  2. Login using the openid connect plugin
  3. Open the development tools of your browser, and look at the cookie expiration. It should not be a session cookie, and it should be valid for 2 weeks.
    image

Other information:

  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your changes, as applicable?
  • Have you successfully run tests with your changes locally?

Changelog entry

Added the openid-connect-generic-remember-me filter to allow theme makers to login users using the remember me option.

@menno-ll menno-ll marked this pull request as ready for review February 13, 2024 15:41
@menno-ll menno-ll mentioned this pull request Feb 14, 2024
Merged
6 tasks
@menno-ll
Copy link
Contributor Author

I've added another PR #514 that actually sets the WP user cookie expiration time to the token expiration time of the IDP.

@menno-ll
Copy link
Contributor Author

This PR unit test does not succeed because of a connection error, not because the test itself is failing.
I however don't have the ability to re-run the unit test without making a change, which seems kind of useless.
If you could please restart it, that would be great. Thanks!

@menno-ll menno-ll mentioned this pull request Feb 14, 2024
Closed
@timnolte timnolte self-assigned this Mar 15, 2024
@timnolte timnolte added the status: needs review PR that needs review. label Mar 15, 2024
@timnolte timnolte changed the title Add remember me feature via a filter feat(Sessions): Add remember me feature via a filter Mar 17, 2024
@timnolte timnolte merged commit b00f7ca into oidc-wp:develop Mar 17, 2024
4 of 5 checks passed
@timnolte timnolte added status: approved PRs that have been approved and ready to be merged. and removed status: needs review PR that needs review. labels Mar 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timnolte timnolte timnolte approved these changes

@daggerhart daggerhart Awaiting requested review from daggerhart daggerhart is a code owner

Assignees

@timnolte timnolte

Labels
status: approved PRs that have been approved and ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add a filter / feature to login using rememberme, which allows longer valid login cookies
2 participants
@menno-ll @timnolte