Reset WordPress Password Challenge

Here’s a more technical and specific WordPress development question where a WordPress application has multiple emails stored for each login.

Question

I have a WordPress site that requires users to register using an email address as their username. It also grabs an additional email address during registration that becomes the user’s email meta data. This all works fine until someone loses their password and tries to reset it using the standard WordPress reset page. The problem is that WordPress is checking the username (an email address) against the email meta for the website users rather than against the username meta for users.

Any thoughts on how to approach this?

Answer

The retrieve_password() function WordPress uses to lookup a user is pluggable- which means you can copy it, alter it and WordPress will use your version instead of the core function.

Inside your custom function, using get_user_by( ‘login’, $email ); to retrieve a user by username… but providing the email instead should allow you to bypass the default behavior and lookup users correctly.

http://wpseek.com/function/get_user_by/

http://wpseek.com/function/retrieve_password/

http://codex.wordpress.org/Pluggable_Functions

Nick Ciske – CTO / CISO

Nick has a degree in Multimedia Design and over 25 years of experience working in web development and digital media. Nick specializes in architecting amazing and brilliant application solutions.

Tim Cimbura – CEO, CFO and Software Engineer

Tim is an expert in creating custom business solutions that make businesses more effective, productive, and profitable. He specializes in rapid application development with Claris FileMaker, Laravel, and WordPress. He also knows Apple macOS technology inside and out.

Nick Ciske – CTO / CISO

Tim Cimbura – CEO, CFO and Software Engineer

Engineering brilliant technology solutions for nearly 40 years