wp_auth0_login_override_url Function Pluggable for Enhanced Customization

[TristanJones02]

Checklist

• I have looked into the Readme and the documentation, and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

We have multiple sites connected to Auth0 for authentication, but some sites, request partial usage of WP Login and Auth0. For example, Customers, who should only access one site, and are managed only by that site, should login via the standard WooCommerce/Wordpress Login Forms (e.g. via my account), while administrators should login via auth0 (via wp-admin or wp-login).

We need a method to allow, programmatically, the ability to disable auth0 for specific pages.

Describe the ideal solution

Purposed Solution:

Modify 'wp_auth0_login_override_url' function to become pluggable, allowing flexible function that can be overwritten with custom logic.

From this:

function wp_auth0_login_override_url( $login_url = null ) {
	$wle = wp_auth0_get_option( 'wordpress_login_enabled' );
	if ( 'no' === $wle ) {
		return '';
	}

	$wle_code = '';
	if ( 'code' === $wle ) {
		$wle_code = wp_auth0_get_option( 'wle_code' );
	}

	$login_url = $login_url ?: wp_login_url();
	return add_query_arg( 'wle', $wle_code, $login_url );
}

To this:

if ( ! function_exists( 'wp_auth0_login_override_url' ) ) {
    function wp_auth0_login_override_url( $login_url = null ) {
        $wle = wp_auth0_get_option( 'wordpress_login_enabled' );
        if ( 'no' === $wle ) {
            return '';
        }

        $wle_code = '';
        if ( 'code' === $wle ) {
            $wle_code = wp_auth0_get_option( 'wle_code' );
        }

        $login_url = $login_url ?: wp_login_url();
        return add_query_arg( 'wle', $wle_code, $login_url );
    }
}

Alternatives and current workarounds

Tested on existing code base, the following, which allows normal user authentication on the Front Page, WooCommerce Pages, My Account Page:

function wp_auth0_login_override_url( $login_url = null ) {
    // Check if the current page is home, a WooCommerce page, or an account page
    if (is_home() || is_woocommerce() || is_account_page()) {
        // If one of these conditions is true, return the default login URL without any modifications
        return wp_login_url();
    }

    $wle = wp_auth0_get_option('wordpress_login_enabled');
    if ('no' === $wle) {
        return '';
    }

    $wle_code = '';
    if ('code' === $wle) {
        $wle_code = wp_auth0_get_option('wle_code');
    }

    $login_url = $login_url ?: wp_login_url();
    return add_query_arg('wle', $wle_code, $login_url);
}

Additional context

No response

[evansims]

Hey @TristanJones02 👋 Thanks for raising this, and sharing that workaround. With v5 now available, we're no longer making changes outside critical security fixes for v4. However, I am sure some v4 users who are unable to upgrade to v5 at this time will find that workaround valuable as reference here.