So I need a way to lock down both bigcommerce and wordpress if a user is not logged in. First suggestion was asking if when a user is created in bigcommerce create the same user account in WP... but that doesn't seem like a good approach to me since the user will not need any interaction as a user on WP just need to block access to pages if they are not logged in.
So my thought is to check if a user is logged into bigcommerce, then pass a variable to wp header file. If the variable does not exist then redirect them back to bigcommerce login. For this install BigCommerce is currently using the header from wp so they match and all works well so that is why I assume I should be able to pass a variable to check if a user is logged into bigcommerce or not. I have not been able to find any documentation in the API about accessing if a user is logged in or not.
Has anyone done anything like this and or know if this would be possible? Or know of a better solution for what I am trying to do. Maybe check for a cookie or session?
Recently I did a project where the client wanted to show custom content to bigcommerce loggedin users and block the rest. The best way I found was to check the value of %%GLOBAL_CurrentCustomerFirstName%%. It is "Guest" for non-loggedin users.
you can try this:
localStorage.setItem("user", %%GLOBAL_CurrentCustomerFirstName%% );
and then you can use on wordpress pages :
var user = localStorage.getItem("user");
if(user=="Guest"){
//redirect to login or block page
}
Obviously they can get around javascript so using ajax to store it somewhere and then retrieving it would be more secure but I hope this will help you proceed :)
Related
I was trying to figure out if it is possible to filter the entered username/email address before the user gets authenticated and logged in.
This way users won't be able to login using previously defined usernames/emails using a specific frontend login form.
As we have changed the default login page URL hackers won't be able to find the default login form easily and get access to administrative accounts.
Is it possible, any ideas?
I want to create a new page or post when a user registers in my wordpress website. And I want it to keep its access specific to that user and noone else. Is there a pluggin for the same? If not, can anyone just hint me to add user specific encryption php function to that page? Like the params and everything.
I'm a newbie to Wordpress and I need to password protect certain pages of my site. I also need to be able to have users request a password that I can then create and send them so they can log in and see the content that is password protected. Any plugins or suggestions would be appreciated.
Password protecting posts and pages is actually built in to WordPress.
On the left hand side of your page editor, you will see this:
If you change the visibility from public to password protected you can ensure that only logged in users can see that specific page/post.
If you want to approve user registrations, I would suggest having a look at the New User Approve plugin. Alternatively, you can try to write a function to do it yourself, and if you get stuck, post your progress here and we can help you adjust.
I am creating a website on top wordpress,
The reason to use wordpress is that,
We want to restrict or block the entire site,
Only registered people should be able to access the site that too after verification,
Can anybody help me choosing the right plugins to achieve this.
Note : the site will be similar to a membership website, but the users who are going to use this are not paying, We just want to allow only people whom we approve.
Example: The steps are the one we are looking,
Default page should be Registration page,
Once Registered, Email verification has to be done by clicking the link in the Email ID giving during registration,
Post verification, Email with log-in page link along with username & password goes to the user's registered Email ID,
User logs-in using the username and password,
User is able to view the entire site
I AM A NEWBIE IN WORDPRESS,
Thanks
Ashok
Check this plugin : https://fr.wordpress.org/plugins/wp-user-frontend/
It's the best to make membership / private page / registration page and etc.. and he is the most documented plugin on this.
Have fun and welcome on Wordpress :)
I'm currently building a site where I want anonymous users to see a page which talks about what the site is about, but shows no content. It only offers two options
Register
Login (username & password field)
Once the user logs in, they should be redirected to a specific frontpage.
I tried using drupal/front module, but that did not work. Anynmous access was always shown as access denied
I think I could LoginToboggan to redirect authenticated users but not sure what to do about the frontpage.
thanks
When you say that you want the front page to show now content you really just mean you only want to show static copy right?
One way to do this is with views and the context module.
Create blocks with views of the content that you want to hide.
Create some regular blocks from the blocks menu.
The magic happens with the context module. It lets you set up custom rules for which blocks to display where and when. You can set it so that some blocks show up for anon users and other blocks show up for authenticated.
Set it up so that the static copy that talks about the site shows up for anon users along with the login block.
You can tell context module load whatever content you need on the home page with views generated with blocks.
Set up context module to load all of your blocks for you instead of drupal's core block system.
I'm sure you could do this somehow with panels too, but I couldn't tell you how.
Make sure that the page you are redirecting to is accessible for anonymous users. The most likely reason for your acess denied message is that anonymous users do not have permission for that page.
You could also try the Rules module to redirect after login.
Checkout my response to a similar question answered on Drupal.org. I'll repost here as well:
http://drupal.org/node/1962546
I also used Context but with a few other items to help.
I've done this, not with Facebook or LinkedIn however but with another
login based site.
Required modules: Omega theme Context Delta Views Some type of access
control Custom version of r4032login
How I did it: All content is locked down. r4032login redirects all non
logged in users to login, even if they try to get to a certain page.
Create a new delta: In here I have create a content region and shown
only what I need (custom login page).
Context Checks User Role must be anonymous user It then has a rule to
activate a delta, which is basically a copy of your theme
functionality: (Homepage login)
The login is set to forward the user to /frontpage which is a view, it
requires authenticated permissions to view. Once a user is logged in,
the redirect module forwards to the /frontpage (main page) and
permissions are verified and they're in.
If you need more details let me know. This is more of a complex
implementation I have in place but I'm sure there are also others
interesting in doing it.