Redirect Not Working with Magic Login and BuddyBoss Incompatibility and Multisit

  • indigetal

    (@indigetal)


    1 year, 4 months ago

    I have identified 4 issues, but I would like to note that some or all of these issues may be related to it being network activated on a multisite network:

    1. Magic Login does not always work. Especially on the main site of the network or on my subsite that has the BuddyBoss Platform plugin activated (I’m still trying to figure out what is causing this but it sometimes works on the other subsites). Once a user inputs their email to be sent, it displays an error saying “You are trying too much. Please try after 30 minutes.” It might be hard to test this but I have witnessed it happening despite it being the first time attempting to login or after waiting 30 minutes. This was tested with all network and site plugins deactivated and

    2. When the magic login link does work, the login redirect that I set up does not work with it. It works fine when the email passcode is used, but the magic login link is mysite.com/wp-admin/. This results in an error presented to subscribers in particular saying:
    “You attempted to access the [Site] dashboard, but you do not currently have privileges on this site. If you believe you should be able to access the [Site] dashboard, please contact your network administrator.”

    3. On a multisite, it appears as though the two factor authentication does not trigger for users who are not registered to that subsite on the network but they are still able to login per normal multisite behavior. That bypasses the “Select roles that require two-factor authentication” setting, so they are able to log in without an email passcode or magic link. If they select Magic login link, they are sent a link to login but the first or second issues above occurs.

    4. Also on a multisite, and again with users who are not technically registered to the subsite, but logged into the network, the “Disable admin bar and /wp-admin/ access for selected user roles” is not triggered at all for users that are not assigned a user role. I would much prefer negation setting, like “Disable admin bar and /wp-admin/ access for specific user roles (Leave blank to enable admin bar and /wp-admin/ access for all users).”

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter indigetal

    (@indigetal)

    1 year, 4 months ago

    To add to that list, I just discovered that a WAF rule set in Cloudflare to block admin access by role and IP broke the two-factor authentication for non-admin users in my membership site! Apparently FluentAuth’s two factor authentication requires administrative access, even when non-admin users are logging in?

    Thread Starter indigetal

    (@indigetal)

    1 year, 3 months ago

    I have now observed issues with the two-factor authentication not re-directing or logging in users after they input their one-time passcode. I again suspect this has to do with it being activated on a multisite network and/or a compatibility issue with the BuddyBoss Platform plugin. It is a shame because I did really like FluentAuth’s 2FA and log-in/out redirect features but at this time it is unuseable on a multisite or in combination with BuddyBoss.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Redirect Not Working with Magic Login and BuddyBoss Incompatibility and Multisit’ is closed to new replies.