Tim Nolte
Tim Nolte
Also, if you are walking away from your computer without locking your screen that is also a bad security practice.
I'm also pretty sure that WordPress is presenting the modal popup re-authentication because there is unsaved work on that screen that it is giving the user an opportunity to be...
I'm not so sure about "unwanted manipulation" as someone wouldn't be able to make edits as any submission of a screen, after closing the pop-up, would fail due to WordPress...
@neonnero your second 2 items should be fully handled with either some existing changes or some changing coming in the next release. Your first request will still need to be...
The second two items already exist with the short code. Not showing the button when logged in is something I don't believe has been implemented yet.
I'm not sure the multisite has been sufficiently tested. I'll have to look at setting up a couple of multisite instances using subdirectory & subdomain and do some testing.
@milesimarco yes, what you are describing is what's defined as "Initiating Login from a Third Party" in the OpenID Connect specification. We will looking in to supporting that part of...
To speak to your alternative solution. You would have to change a lot of code in the plugin in order to get another copy to even begin to work, and...
@jimkleiber as @nranderson pointed out I think it would be better to use and IDP, like Amazon Cognito, that supports federated authentication. That is going to greatly simplify the WordPress...
@upachler just an FYI, that the state and transient are used for much more than that. The state transient also stores the original URL that initiated the login flow in...