feat(reader-auth): send WP login reminder email to non-reader accounts #3796

Open
wants to merge 9 commits into
base: trunk
Contributor

@dkoo dkoo commented Mar 5, 2025

All Submissions:

Changes proposed in this Pull Request:

Addresses some persistent confusion expressed by publishers who are trying to use reader-based login and registration flows to log into their non-reader (admin, editor, author, etc.) accounts. In this scenario, we can send the user an email to remind them to log in via the regular WP login page instead of reader-facing UIs.

How to test the changes in this Pull Request:

  1. Check out this branch.
  2. Visit Newspack > Engagement > Reader Activation > Advanced Settings > Transactional Email Content and confirm there's a new "Non-reader account" email at the bottom of the list.
     [Screenshot 2025-03-04 at 5 17 47 PM]
  3. Edit this email and confirm it looks something like this:
     [Screenshot 2025-03-04 at 5 08 55 PM]
  4. In a new incognito session, attempt to register a reader account via the Registration block using an email address already associated with an admin, editor, or author user account. Confirm that you see the message that the account is already registered:
     [Screenshot 2025-03-04 at 5 08 26 PM]
  5. Check the email inbox associated with the email address and confirm that you got the reminder email as in step 3. Confirm that the "Continue to [Site Name]" button leads to the WP login form page.
  6. In the incognito session, attempt to log in and register via the "Sign In" modal. Confirm that you see the following when attempting to log in or register, and that in either case you get the reminder email in the email address's inbox:

     Logging in (note: we could show a message directing the user to check their email here instead, if desired):

     [Screenshot 2025-03-04 at 5 08 06 PM]

     Registering:

     [Screenshot 2025-03-04 at 5 41 04 PM]
  7. Update and save the email template in step 3, repeat steps 4-5, and confirm that the sent reminder email matches the updated content.
  8. Try to register via the Sign In modal with an existing reader account email address and confirm that you see the following messages depending on whether the reader account has set a password:

     Has a password:
     [Screenshot 2025-03-04 at 5 40 50 PM]

     No password:
     [Screenshot 2025-03-04 at 5 43 34 PM]

  9. Smoke test registering a new reader account and logging into an existing reader account using both password and OTP.

Other information:

  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your changes, as applicable?
  • Have you successfully run tests with your changes locally?

@dkoo dkoo added the [Status] Needs Review The issue or pull request needs to be reviewed label Mar 5, 2025
@dkoo dkoo self-assigned this Mar 5, 2025
@dkoo dkoo requested a review from a team as a code owner March 5, 2025 00:25
@adekbadek adekbadek mentioned this pull request Mar 6, 2025
@adekbadek adekbadek changed the base branch from fix/ras-sign-in to trunk March 21, 2025 10:53
Member

@adekbadek adekbadek left a comment

> publishers who are trying to use reader-based login and registration flows to log into their non-reader (admin, editor, author, etc.) accounts

I assume the reason for the email solution is because we don't want to enable fishing for admin email addresses. Just noting because I'd expect that noted somewhere, preferably in the code.

I think the reminder email content should be more explicit about using the /wp-admin link and point out that the user tried to use a login flow reserved for readers.

.has-vivid-cyan-blue-color { color: #0693e3; }
.has-vivid-purple-color { color: #9b51e0; }
.has-primary-text-color { color: black; }
.has-secondary-text-color { color: white; }</style></head><body style="word-spacing:normal;background-color:#ffffff;"><div style="display:none;font-size:1px;color:#ffffff;line-height:1px;max-height:0px;max-width:0px;opacity:0;overflow:hidden;">Sign in Someone attempted to sign into your account on *SITE_TITLE*. Please use the following link to sign in: Continue to *SITE_TITLE*</div><div class="updated-1741129652" style="background-color:#ffffff;" lang="und" dir="auto"><!--[if mso | IE]><table align="center" border="0" cellpadding="0" cellspacing="0" class="" role="presentation" style="width:600px;" width="600" ><tr><td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;"><![endif]--><div style="margin:0px auto;max-width:600px;"><table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;"><tbody><tr><td style="direction:ltr;font-size:0px;padding:56px 56px 56px 56px;text-align:center;"><!--[if mso | IE]><table role="presentation" border="0" cellpadding="0" cellspacing="0"><tr><td class="" width="600px" ><table align="center" border="0" cellpadding="0" cellspacing="0" class="" role="presentation" style="width:488px;" width="488" ><tr><td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;"><![endif]--><div style="margin:0px auto;max-width:488px;"><table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;"><tbody><tr><td style="direction:ltr;font-size:0px;padding:0;text-align:center;"><!--[if mso | IE]><table role="presentation" border="0" cellpadding="0" cellspacing="0"><tr><td class="" style="vertical-align:top;width:488px;" ><![endif]--><div class="mj-column-per-100 mj-outlook-group-fix" style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%"><tbody><tr><td style="vertical-align:top;padding:12px;"><table border="0" 
cellpadding="0" cellspacing="0" role="presentation" width="100%"><tbody><tr><td align="left" style="font-size:0px;padding:0;word-break:break-word;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:collapse;border-spacing:0px;"><tbody><tr><td style="width:50px;"><a href="https://dkoo.jurassic.tube?np_newsletters_click=1&id=257&url=https%3A%2F%2Fdkoo.jurassic.tube%2F%3Futm_medium%3Demail&em=*|EMAIL|*" target=""><img alt="logo" src="https://dkoo.jurassic.tube/wp-content/uploads/2025/02/logo.png" style="border:0;display:block;outline:none;text-decoration:none;height:auto;width:100%;font-size:13px;" width="50" height="auto"></a></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table><![endif]--></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table></td></tr><tr><td class="" width="600px" ><table align="center" border="0" cellpadding="0" cellspacing="0" class="" role="presentation" style="width:488px;" width="488" ><tr><td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;"><![endif]--><div style="margin:0px auto;max-width:488px;"><table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;"><tbody><tr><td style="direction:ltr;font-size:0px;padding:0;text-align:center;"><!--[if mso | IE]><table role="presentation" border="0" cellpadding="0" cellspacing="0"><tr><td class="" style="vertical-align:top;width:488px;" ><![endif]--><div class="mj-column-per-100 mj-outlook-group-fix" style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%"><tbody><tr><td style="vertical-align:top;padding:12px;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%"><tbody><tr><td align="left" style="font-size:0px;padding:0;word-break:break-word;"><div 
style="font-family:Arial;font-size:16px;line-height:1.5;text-align:left;color:#000000;"><h2 class="wp-block-heading" style="font-style:normal;font-weight:400">Sign in</h2></div></td></tr></tbody></table></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table><![endif]--></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table></td></tr><tr><td class="" width="600px" ><table align="center" border="0" cellpadding="0" cellspacing="0" class="" role="presentation" style="width:488px;" width="488" ><tr><td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;"><![endif]--><div style="margin:0px auto;max-width:488px;"><table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;"><tbody><tr><td style="direction:ltr;font-size:0px;padding:0;text-align:center;"><!--[if mso | IE]><table role="presentation" border="0" cellpadding="0" cellspacing="0"><tr><td class="" style="vertical-align:top;width:488px;" ><![endif]--><div class="mj-column-per-100 mj-outlook-group-fix" style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%"><tbody><tr><td style="vertical-align:top;padding:12px;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%"><tbody><tr><td align="left" style="font-size:0px;padding:0;word-break:break-word;"><div style="font-family:Georgia;font-size:16px;line-height:1.5;text-align:left;color:#000000;"><p>Someone attempted to sign into your account on *SITE_TITLE*. 
Please use the following link to sign in:</p></div></td></tr></tbody></table></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table><![endif]--></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table></td></tr><tr><td class="" width="600px" ><table align="center" border="0" cellpadding="0" cellspacing="0" class="" role="presentation" style="width:488px;" width="488" ><tr><td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;"><![endif]--><div style="margin:0px auto;max-width:488px;"><table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;"><tbody><tr><td style="direction:ltr;font-size:0px;padding:0;text-align:center;"><!--[if mso | IE]><table role="presentation" border="0" cellpadding="0" cellspacing="0"><tr><td class="" style="" ><table align="center" border="0" cellpadding="0" cellspacing="0" class="" role="presentation" style="width:488px;" width="488" ><tr><td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;"><![endif]--><div style="margin:0px auto;max-width:488px;"><table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;"><tbody><tr><td style="direction:ltr;font-size:0px;padding:0;text-align:left;"><!--[if mso | IE]><table role="presentation" border="0" cellpadding="0" cellspacing="0"><tr><td class="" width="488px" ><table align="center" border="0" cellpadding="0" cellspacing="0" class="" role="presentation" style="width:488px;" width="488" ><tr><td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;"><![endif]--><div style="margin:0px auto;max-width:488px;"><table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;"><tbody><tr><td style="direction:ltr;font-size:0px;padding:0;text-align:left;"><!--[if mso | IE]><table role="presentation" border="0" cellpadding="0" cellspacing="0"><tr><td class="mj-column-has-width-outlook" 
style="vertical-align:top;width:488px;" ><![endif]--><div class="mj-column-per-100 mj-outlook-group-fix mj-column-has-width" style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%"><tbody><tr><td style="vertical-align:top;padding:12px;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%"><tbody><tr><td align="left" style="font-size:0px;padding:0;word-break:break-word;"><table border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:separate;line-height:100%;"><tbody><tr><td align="center" bgcolor="#ff8200 !important" role="presentation" style="border:none;border-radius:4px;cursor:auto;mso-padding-alt:12px 24px;background:#ff8200 !important;" valign="middle"><a href="*WP_LOGIN_URL*" style="display:inline-block;background:#ff8200 !important;color:#fff !important;font-family:Georgia;font-size:16px;font-weight:bold;line-height:1.5;margin:0;text-decoration:none;text-transform:none;padding:12px 24px;mso-padding-alt:0px;border-radius:4px;" target="_blank">Continue to *SITE_TITLE*</a></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table><![endif]--></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table></td></tr></table><![endif]--></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table></td></tr></table><![endif]--></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table></td></tr></table><![endif]--></td></tr></tbody></table></div><!--[if mso | IE]></td></tr></table><![endif]--> <img src="https://dkoo.jurassic.tube/wp-content/np-newsletters-pixel.php?id=257&#038;tid=oSa1m1Ic1jUXCCuAXE5y290Fd1R7M5Eo&#038;em=*|EMAIL|*" width="1" height="1" alt="" style="display: block; width: 1px; height: 1px; border: none; margin: 0; padding: 0;"></div></body></html>';
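Review bot: The hard-coded development host is not limited to the click-tracking link on the logo: the logo itself is loaded from `https://dkoo.jurassic.tube/wp-content/uploads/2025/02/logo.png`, and the template ends with a 1x1 `<img>` whose `src` is `np-newsletters-pixel.php?id=257` on the same host, carrying a `tid` value and the `*|EMAIL|*` merge tag. In a default transactional template that ships to every site, each of these makes the recipient's mail client contact a fixed external host, and the pixel would report opens of a security reminder sent to staff accounts. Suggest dropping the pixel and the click wrapper entirely and replacing the logo with a site-provided image or no image, so the only substituted values left are `*SITE_TITLE*` and `*WP_LOGIN_URL*`.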
Member

I see instances of https://dkoo.jurassic.tube?np_newsletters_click in the body here. Should be removed.

Contributor Author

Whoops, thanks for catching! Fixed in 8a827ac.

self::send_non_reader_login_reminder( $existing_user );
return false;
}

// Don't send OTP email for newsletter signup.
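Review bot: Nothing in these lines limits how often `self::send_non_reader_login_reminder( $existing_user )` fires for the same account. If this branch is reached from the public sign-in and registration forms, as the test steps indicate, repeated submissions with a staff address would each send another email, so consider throttling inside the helper (for example one reminder per user per interval) and covering that with a test. A short comment above the call recording why the reminder goes out by email rather than into the on-screen response would also keep that rationale next to the `return false`.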
Member

This comment should be updated to explain the new condition.

Contributor Author

Added an explanation in 458121d. Also made the email message more explicit in 8f96cc4:

> Someone attempted to sign into your account on SITE_TITLE using a login method reserved for reader accounts. Please use the following link to sign in via the WordPress admin dashboard:

@adekbadek adekbadek added [Status] Needs changes or feedback The issue or pull request needs action from the original creator and removed [Status] Needs Review The issue or pull request needs to be reviewed labels Mar 21, 2025
@dkoo dkoo requested a review from adekbadek March 21, 2025 22:55
Contributor Author

dkoo commented Mar 21, 2025

Thanks for the feedback, @adekbadek! I've responded in the threads above.
