Created
February 4, 2021 20:55
-
-
Save georgestephanis/ffa8617e066a39fc80fa3d487535071b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Plugin Name: Multisite Login Consolidation | |
* Author: georgestephanis | |
* License: GPLv2+ | |
* Requires PHP: 7 | |
* Network: true | |
*/ | |
add_action( 'login_init', function() { | |
if ( ! is_multisite() ) { | |
return; | |
} | |
if ( ! is_main_site() ) { | |
switch_to_blog( get_main_site_id() ); | |
wp_safe_redirect( wp_login_url( $_REQUEST['redirect_to'] ?? null ) ); | |
exit; | |
} | |
} ); |
This is a good start, but I have a hunch that it will need a bit more work.
- There isn't a way to make sure that the
$_REQUEST
variables are carried over, soaction
andcustomize-login
may not work interim-login
may not work, so the time-out pop-up modal thing may redirect in a weird way- I think you may lose your actual
redirect-to
which means that smart redirects won't work (unless you add them back with thelogin_redirect
filter) - Non default
$action
's (likeconfirm_admin_email
,lostpassword
,retrievepassword
, etc...) may not work
Here is what the WordPress.org SSO has morphed into over time. It's a little bit beastly, and depends upon the possible TLDs being known and predefined, which might not always be possible, and probably could/should be a wildcard with verification elsewhere. By this I mean that the various multi-site/network domains are limited for WordPress.org, but in an open-world installation (like WordPress.com) something else would need to happen.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The purpose of this is to redirect all logins for the multisite installation to the main site for the network in question.
This is for cases where the main site's login page may offer a SSO system of some sort -- and to avoid confusion and inconsistencies of other subsite login pages that don't offer that option.