Reset WordPress Password Challenge

Here’s a more technical and specific WordPress development question where a WordPress application has multiple emails stored for each login.

Question

I have a WordPress site that requires users to register using an email address as their username. It also grabs an additional email address during registration that becomes the user’s email meta data. This all works fine until someone loses their password and tries to reset it using the standard WordPress reset page. The problem is that WordPress is checking the username (an email address) against the email meta for the website users rather than against the username meta for users.

Any thoughts on how to approach this?

Answer

The retrieve_password() function WordPress uses to lookup a user is pluggable- which means you can copy it, alter it and WordPress will use your version instead of the core function.

Inside your custom function, using get_user_by( ‘login’, $email ); to retrieve a user by username… but providing the email instead should allow you to bypass the default behavior and lookup users correctly.

http://wpseek.com/function/get_user_by/

http://wpseek.com/function/retrieve_password/

http://codex.wordpress.org/Pluggable_Functions

Nick Ciske – CTO / CISO

Nick has a degree in Multimedia Design and over 20 years of experience working in web development and digital media. In his career he’s built or rebuilt just about every kind of website, including many content management systems (before WordPress), several custom e-commerce systems, and hundreds of websites.

Tim Cimbura – CEO and Software Engineer

Tim is an expert in creating custom business solutions that make businesses more effective, productive, and profitable. He specializes in rapid application development with the Claris platform including FileMaker and WordPress. He also knows Apple macOS technology inside and out.

Nick Ciske – CTO / CISO

Tim Cimbura – CEO and Software Engineer

Providing Brilliant Solutions Since 1986