feat(reader-activation): improve password reset flow

Automattic · Sep 6, 2022 · a05a9b6 · a05a9b6
1 parent 765361d
commit a05a9b6
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 25 deletions.
diff --git a/includes/emails/class-emails.php b/includes/emails/class-emails.php
@@ -497,5 +497,21 @@ public static function api_permissions_check( $request ) {
 		}
 		return true;
 	}
+
+	/**
+	 * Get a password reset URL.
+	 *
+	 * @param WP_User $user WP user object.
+	 * @param string  $key Reset key.
+	 */
+	public static function get_password_reset_url( $user, $key ) {
+		return add_query_arg(
+			[
+				'key' => $key,
+				'id'  => $user->ID,
+			],
+			wc_get_account_endpoint_url( 'lost-password' )
+		);
+	}
 }
 Emails::init();
diff --git a/includes/reader-activation/class-reader-activation-emails.php b/includes/reader-activation/class-reader-activation-emails.php
@@ -27,6 +27,10 @@ class Reader_Activation_Emails {
 	 */
 	public static function init() {
 		add_filter( 'newspack_email_configs', [ __CLASS__, 'add_email_configs' ] );
+
+		// Disable the default WC password reset email and replace it with ours.
+		add_filter( 'woocommerce_email_enabled_customer_reset_password', '__return_false' );
+		add_action( 'woocommerce_reset_password_notification', [ __CLASS__, 'send_reset_password_email' ], 10, 2 );
 	}
 
 	/**
@@ -89,5 +93,25 @@ public static function add_email_configs( $configs ) {
 		];
 		return $configs;
 	}
+
+	/**
+	 * Send password reset email.
+	 *
+	 * @param string $user_login User login.
+	 * @param string $key Password reset key.
+	 */
+	public static function send_reset_password_email( $user_login, $key ) {
+		$user = get_user_by( 'login', $user_login );
+		Emails::send_email(
+			self::EMAIL_TYPES['RESET_PASSWORD'],
+			$user->data->user_email,
+			[
+				[
+					'template' => '*PASSWORD_RESET_LINK*',
+					'value'    => Emails::get_password_reset_url( $user, $key ),
+				],
+			]
+		);
+	}
 }
 Reader_Activation_Emails::init();
diff --git a/includes/reader-activation/class-reader-activation.php b/includes/reader-activation/class-reader-activation.php
@@ -74,7 +74,7 @@ public static function init() {
 			\add_action( 'template_redirect', [ __CLASS__, 'process_auth_form' ] );
 			\add_filter( 'amp_native_post_form_allowed', '__return_true' );
 			\add_filter( 'woocommerce_email_actions', [ __CLASS__, 'disable_woocommerce_new_user_email' ] );
-			\add_filter( 'retrieve_password_notification_email', [ __CLASS__, 'password_reset_configuration' ] );
+			\add_filter( 'retrieve_password_notification_email', [ __CLASS__, 'password_reset_configuration' ], 10, 4 );
 			\add_action( 'lostpassword_post', [ __CLASS__, 'set_password_reset_mail_content_type' ] );
 		}
 	}
@@ -1375,41 +1375,41 @@ function( $type ) {
 	/**
 	 * Filters args sent to wp_mail when a password change email is sent.
 	 *
-	 * @param array $args The default notification email arguments. Used to build wp_mail().
+	 * @param array   $defaults {
+	 *       The default notification email arguments. Used to build wp_mail().
 	 *
-	 * @return array The filtered $args.
+	 *     @type string $to      The intended recipient - user email address.
+	 *     @type string $subject The subject of the email.
+	 *     @type string $message The body of the email.
+	 *     @type string $headers The headers of the email.
+	 * }
+	 * @param string  $key        The activation key.
+	 * @param string  $user_login The username for the user.
+	 * @param WP_User $user       WP_User object.
+	 *
+	 * @return array The filtered $defaults.
 	 */
-	public static function password_reset_configuration( $args ) {
+	public static function password_reset_configuration( $defaults, $key, $user_login, $user ) {
 		$config_name  = Reader_Activation_Emails::EMAIL_TYPES['RESET_PASSWORD'];
 		$email_config = Emails::get_email_config_by_type( $config_name );
 
-		$args['headers'] = sprintf(
+		$defaults['headers'] = sprintf(
 			'From: %1$s <%2$s>',
 			$email_config['from_name'],
 			$email_config['from_email']
 		);
-
-		$args['subject'] = $email_config['subject'];
-
-		$found_the_link = \preg_match(
-			'/.*wp-login\.php\?action=rp.*/',
-			$args['message'],
-			$matches
-		);
-		if ( $found_the_link ) {
-			$password_reset_url = $matches[0];
-			$args['message']    = Emails::get_email_payload(
-				$config_name,
+		$defaults['subject'] = $email_config['subject'];
+		$defaults['message'] = Emails::get_email_payload(
+			$config_name,
+			[
 				[
-					[
-						'template' => '*PASSWORD_RESET_LINK*',
-						'value'    => $password_reset_url,
-					],
-				]
-			);
-		}
+					'template' => '*PASSWORD_RESET_LINK*',
+					'value'    => Emails::get_password_reset_url( $user, $key ),
+				],
+			]
+		);
 
-		return $args;
+		return $defaults;
 	}
 
 	/**