Login: Support login for sites with captcha plugins (#16372)

itsmeichigo · web-flow · commit 5d49005cd640 · 2025-11-21T15:22:24.000+07:00
diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt
@@ -3,6 +3,7 @@
 
 23.8
 -----
+- [*] Better support site credential login for sites with captcha plugins [https://github.com/woocommerce/woocommerce-ios/pull/16372]
 - [*] Crash fix attempt to resolve the race condition in request authenticator swapping [https://github.com/woocommerce/woocommerce-ios/pull/16370]
 - [Internal] Fix broken navigation to a variable product selector [https://github.com/woocommerce/woocommerce-ios/pull/16363]
 
diff --git a/WooCommerce/Classes/Authentication/AuthenticationManager.swift b/WooCommerce/Classes/Authentication/AuthenticationManager.swift
@@ -372,7 +372,7 @@ extension AuthenticationManager: WordPressAuthenticatorDelegate {
             }
         }()
 
-        // Only show the tutorial if the error can be solved by the app password flow.
+        // Show the tutorial immediately if it's obvious that the error can be solved by the app password flow.
         if isAppPasswordAuthError {
             presentAppPasswordTutorial(error: error, for: siteURL, in: viewController)
         } else {
@@ -798,10 +798,22 @@ private extension AuthenticationManager {
     /// Presents login error alert before redirecting user to the site login using a web view.
     ///
     private func presentAppPasswordAlert(error: Error, for siteURL: String, in viewController: UIViewController) {
-
+        let shouldEnableWebFlow: Bool = {
+            /// Since our detection of invalid credentials error might be inaccurate,
+            /// adding the fallback to web flow would unblock users from login.
+            if let siteCredentialError = error as? SiteCredentialLoginError,
+               case .invalidCredentials = siteCredentialError {
+                return true
+            }
+            return false
+        }()
+        let defaultAction = shouldEnableWebFlow ? { [weak self] in
+            guard let self else { return }
+            presentApplicationPasswordWebView(for: siteURL, in: viewController)
+        } : nil
         let alertController = FancyAlertViewController.makeSiteCredentialLoginErrorAlert(
             message: (error as NSError).localizedDescription,
-            defaultAction: nil
+            defaultAction: defaultAction
         )
 
         viewController.present(alertController, animated: true)
diff --git a/WooCommerce/Classes/Authentication/SiteCredentialLoginUseCase.swift b/WooCommerce/Classes/Authentication/SiteCredentialLoginUseCase.swift
@@ -183,11 +183,14 @@ private extension SiteCredentialLoginUseCase {
             guard let html = String(data: data, encoding: .utf8) else {
                 throw SiteCredentialLoginError.invalidLoginResponse
             }
-            if html.hasInvalidCredentialsPattern() {
+
+            // Extracts error message from the HTML to determine whether there's an authentication issue
+            // otherwise we'll assume it's an invalid response
+            let errorMessage = html.findLoginErrorMessage() ?? ""
+
+            if html.hasInvalidCredentialsPattern(),
+               !errorMessage.lowercased().contains(Constants.captchaText) {
                 throw SiteCredentialLoginError.invalidCredentials
-            }
-            if let errorMessage = html.findLoginErrorMessage() {
-                throw SiteCredentialLoginError.loginFailed(message: errorMessage)
             } else {
                 throw SiteCredentialLoginError.invalidLoginResponse
             }
@@ -227,6 +230,7 @@ extension SiteCredentialLoginUseCase {
         static let loginPath = "/wp-login.php"
         static let adminPath = "/wp-admin"
         static let wporgNoncePath = "/admin-ajax.php?action=rest-nonce"
+        static let captchaText = "captcha"
     }
 }
 
