
fix: keep password reset on subsite domain (#291) #380

Merged: superdav42 merged 3 commits into main from bugfix/291-password-reset-subsite-redirect on Mar 24, 2026

superdav42 (Collaborator) commented Mar 24, 2026

Summary

Fixes the password reset redirect bug where clicking "Lost your password?" from a subsite login form redirected users to the main network site's wp-login.php (or custom login page), causing a 404 when login URL obfuscation was enabled.

Root Cause

The lostpassword_url filter was reusing filter_login_url(), which always returns the main site's custom login page URL regardless of which site the user is on. On a subsite, this sent users to voyagosites.com/wp-login.php?action=lostpassword instead of staying on moonshottravel.voyagosites.com.

Changes

inc/checkout/class-checkout-pages.php

  • Replace add_filter('lostpassword_url', [$this, 'filter_login_url'], ...) with a dedicated filter_lostpassword_url() method
  • On the main site: delegates to filter_login_url() (existing behaviour unchanged)
  • On subsites: returns the current page URL with ?action=lostpassword, keeping users on their own domain throughout the entire password reset flow

inc/ui/class-login-form-element.php

  • Update the "Lost your password?" link to use wp_lostpassword_url() instead of add_query_arg('action', 'lostpassword') so it benefits from the new filter

Flow After Fix

  1. User on moonshottravel.voyagosites.com/login/ clicks "Lost your password?"
  2. wp_lostpassword_url() → filter_lostpassword_url() → returns moonshottravel.voyagosites.com/login/?action=lostpassword
  3. User fills in email and submits (form already sets redirect_to to the subsite URL)
  4. After processing, lostpassword_redirect filter returns the subsite URL with ?checkemail=confirm
  5. User stays on their subsite throughout

Notes

The lostpassword form's redirect_to hidden field was already correctly set to the subsite URL, so the post-submission redirect was already working. The bug was only in the "Lost your password?" link that takes users to the lostpassword form view.

Closes #291

Summary by CodeRabbit

Release Notes

  • Bug Fixes
    • Fixed lost-password link behavior on subsites and custom login pages to ensure proper domain routing during password recovery.

When a user clicked 'Lost your password?' from a subsite login form,
the lostpassword_url filter was routing them to the main network site's
login page (or wp-login.php), causing a 404 when login URL obfuscation
was enabled.

Root cause: the lostpassword_url filter reused filter_login_url() which
always returns the main site's custom login page URL, regardless of
which site the user is on.

Fix:
- Add filter_lostpassword_url() that on subsites returns the current
  page URL with ?action=lostpassword, keeping users on their own domain
- On the main site, delegate to filter_login_url() (existing behaviour)
- Update the 'Lost your password?' link in Login_Form_Element to use
  wp_lostpassword_url() so it benefits from the new filter

The lostpassword form already sets redirect_to to the subsite page URL,
so the post-submission redirect back to the subsite was already correct.
The bug was only in the link that takes users to the lostpassword form.

coderabbitai (Bot, Contributor) commented Mar 24, 2026

📥 Commits

Reviewing files that changed from the base of the PR and between fb454a3 and 8fce1c0.

📒 Files selected for processing (2)
  • inc/checkout/class-checkout-pages.php
  • inc/ui/class-login-form-element.php

Walkthrough

The changes fix password reset link handling for multisite installations by introducing a dedicated filter method in the Checkout Pages class that constructs lost-password URLs for subsites, preventing unwanted redirects to the main network site's login page.

Changes

Cohort / File(s) and summary:

  • Lost Password URL Filtering (inc/checkout/class-checkout-pages.php): Adds new filter_lostpassword_url() method registered in init() that handles lost-password URL generation differently based on whether the request is on a subsite or main site, preventing inappropriate redirects to the primary network domain.
  • Login Form Link Generation (inc/ui/class-login-form-element.php): Updates the "Lost your password?" link to use WordPress's wp_lostpassword_url() function instead of manually constructing the URL with add_query_arg(), allowing the new filter to properly manage lost-password destinations.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A hop through the multisite maze so deep,
Lost passwords now stay where they should sleep—
No more wandering to the main site's door,
Subsites find their login once more! ✨

Pre-merge checks: 5 passed

  • Description Check: ✅ Passed. Check skipped - CodeRabbit’s high-level summary is enabled.
  • Title check: ✅ Passed. The title clearly and concisely describes the primary fix: keeping password reset on the subsite domain, directly addressing the core issue resolved in the changeset.
  • Linked Issues check: ✅ Passed. The changes fully address the core requirement from issue #291: password reset flow now stays on subsite domains instead of redirecting to the main network site.
  • Out of Scope Changes check: ✅ Passed. All changes are tightly scoped to fixing the password reset redirect issue; no unrelated modifications are present in the changeset.
  • Docstring Coverage: ✅ Passed. Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.


github-actions commented

🔨 Build Complete - Ready for Testing!

📦 Download Build Artifact (Recommended)

Download the zip build, upload to WordPress and test:

🌐 Test in WordPress Playground (Very Experimental)

Click the link below to instantly test this PR in your browser - no installation needed!
Playground support for multisite is very limited, hopefully it will get better in the future.

🚀 Launch in Playground

Login credentials: admin / password

PHPCS requires an empty line before block comments. Moving the
explanatory comment for the wp_lostpassword_url() change outside
the array definition to comply with the coding standard.

coderabbitai (Bot, Contributor) left a comment

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@inc/checkout/class-checkout-pages.php`:
- Around line 644-682: The filter_lostpassword_url method drops the $redirect
parameter for subsites; when building $subsite_lostpassword_url (using
wu_get_current_url(), remove_query_arg and add_query_arg) ensure you preserve
and append the redirect target by adding a redirect_to query arg when $redirect
is non-empty (or pass $redirect through to add_query_arg alongside the existing
action param), so callers that provide $redirect receive the redirect_to param
on subsites just like the main-site branch does via filter_login_url.

In `@inc/ui/class-login-form-element.php`:
- Around line 828-835: The PHPCS failure is caused by missing blank line before
the block comment above the 'content' array entry in
class-login-form-element.php; open the code around the 'content' => sprintf(...
wp_lostpassword_url() ...) line and insert a single empty line immediately
before the /* block comment so there is a blank line separating the previous
code and the comment, then keep the comment and the 'content' assignment
unchanged to satisfy the “Empty line required before block comment” rule.

📥 Commits

Reviewing files that changed from the base of the PR and between e2fd324 and fb454a3.

📒 Files selected for processing (2)
  • inc/checkout/class-checkout-pages.php
  • inc/ui/class-login-form-element.php

Comment thread inc/checkout/class-checkout-pages.php
Comment thread inc/ui/class-login-form-element.php Outdated
When filter_lostpassword_url() is called with a non-empty $redirect
argument, include it as redirect_to in the subsite URL so callers
receive the same behaviour as on the main site via filter_login_url().

Addresses CodeRabbit review finding.
@superdav42 superdav42 merged commit 706d963 into main Mar 24, 2026
3 of 9 checks passed
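
The subsite branch described in this thread (stay on the current host, set action=lostpassword, carry a non-empty redirect through as redirect_to), modelled as an added standalone example that is not the plugin's code. The function name `build_lostpassword_url`, the set of query arguments stripped from the current URL, and the same-host check on the redirect target are assumptions of this example; the sample URLs are constructed from the hostnames in the PR description.

```php
<?php
// Added example: a standalone model of the subsite branch, not the plugin's code.

/**
 * Build a lost-password URL that stays on the host of $current_url.
 * $redirect is kept as redirect_to only when it points at the same host
 * (that check is this example's own assumption, not taken from the PR).
 */
function build_lostpassword_url(string $current_url, string $redirect = ''): string
{
    $parts = parse_url($current_url);
    if ($parts === false || empty($parts['host'])) {
        throw new InvalidArgumentException('current URL must be absolute');
    }

    // Start from the existing query, minus state left over from earlier steps
    // (which arguments to strip is assumed here).
    parse_str($parts['query'] ?? '', $query);
    unset($query['action'], $query['checkemail'], $query['redirect_to']);
    $query['action'] = 'lostpassword';

    if ($redirect !== '') {
        $target_host = parse_url($redirect, PHP_URL_HOST);
        if (is_string($target_host) && strcasecmp($target_host, $parts['host']) === 0) {
            $query['redirect_to'] = $redirect;
        }
    }

    $scheme = $parts['scheme'] ?? 'https';
    $port   = isset($parts['port']) ? ':' . $parts['port'] : '';
    $path   = $parts['path'] ?? '/';

    return $scheme . '://' . $parts['host'] . $port . $path . '?' . http_build_query($query);
}

// Constructed inputs: a subsite login page reached after an earlier reset step.
$login = 'https://moonshottravel.voyagosites.com/login/?checkemail=confirm';

// No redirect supplied: only action=lostpassword is set.
echo build_lostpassword_url($login), "\n";
// Same-host redirect: carried through as redirect_to.
echo build_lostpassword_url($login, 'https://moonshottravel.voyagosites.com/account/'), "\n";
// Redirect to another host: dropped, the URL still stays on the subsite.
echo build_lostpassword_url($login, 'https://voyagosites.com/wp-admin/'), "\n";
```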

Development

Successfully merging this pull request may close these issues.

Password Reset redirect error