dwindown/WooNooW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: auto-login after checkout, ThankYou guest buttons, forgot password page

Browse Source 
1. Auto-login after checkout:
   - Added wp_set_auth_cookie() and wp_set_current_user() in CheckoutController
   - Auto-registered users are now logged in when thank-you page loads

2. ThankYou page guest buttons:
   - Added 'Login / Create Account' button for guests
   - Shows for both receipt and basic templates
   - No more dead-end after placing order as guest

3. Forgot password flow:
   - Created ForgotPassword page component (/forgot-password route)
   - Added forgot_password API endpoint in AuthController
   - Uses WordPress retrieve_password() for reset email
   - Replaced wp-login.php link in Login page
This commit is contained in:
Dwindi Ramadhana
2026-01-01 17:36:40 +07:00
parent 62f25b624b
commit 78d7bc1161
7 changed files with 239 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
customer-spa/src/App.tsx
View File

@@ -16,6 +16,7 @@ import ThankYou from './pages/ThankYou';
import Account from './pages/Account'; import Account from './pages/Account';
import Wishlist from './pages/Wishlist'; import Wishlist from './pages/Wishlist';
import Login from './pages/Login'; import Login from './pages/Login';
import ForgotPassword from './pages/ForgotPassword';
// Create QueryClient instance // Create QueryClient instance
const queryClient = new QueryClient({ const queryClient = new QueryClient({
@@ -85,8 +86,9 @@ function AppRoutes() {
{/* Wishlist - Public route accessible to guests */} {/* Wishlist - Public route accessible to guests */}
<Route path="/wishlist" element={<Wishlist />} /> <Route path="/wishlist" element={<Wishlist />} />
{/* Login */} {/* Login & Auth */}
<Route path="/login" element={<Login />} /> <Route path="/login" element={<Login />} />
<Route path="/forgot-password" element={<ForgotPassword />} />
{/* My Account */} {/* My Account */}
<Route path="/my-account/*" element={<Account />} /> <Route path="/my-account/*" element={<Account />} />

161
customer-spa/src/pages/ForgotPassword/index.tsx Normal file
View File

@@ -0,0 +1,161 @@
import React, { useState } from 'react';
import { Link } from 'react-router-dom';
import { toast } from 'sonner';
import Container from '@/components/Layout/Container';
import { Button } from '@/components/ui/button';
import { Input } from '@/components/ui/input';
import { Label } from '@/components/ui/label';
import { KeyRound, ArrowLeft, Mail, CheckCircle } from 'lucide-react';
export default function ForgotPassword() {
const [email, setEmail] = useState('');
const [isLoading, setIsLoading] = useState(false);
const [isSuccess, setIsSuccess] = useState(false);
const [error, setError] = useState('');
const handleSubmit = async (e: React.FormEvent) => {
e.preventDefault();
setError('');
setIsLoading(true);
try {
const apiRoot = (window as any).woonoowCustomer?.apiRoot || '/wp-json/woonoow/v1';
const nonce = (window as any).woonoowCustomer?.nonce || '';
const response = await fetch(`${apiRoot}/auth/forgot-password`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-WP-Nonce': nonce,
},
credentials: 'include',
body: JSON.stringify({ email }),
});
const data = await response.json();
if (data.success) {
setIsSuccess(true);
toast.success('Password reset email sent!');
} else {
setError(data.message || 'Failed to send reset email');
}
} catch (err: any) {
setError(err.message || 'An error occurred. Please try again.');
} finally {
setIsLoading(false);
}
};
// Success state
if (isSuccess) {
return (
<Container>
<div className="min-h-[60vh] flex items-center justify-center py-12">
<div className="w-full max-w-md">
<div className="bg-white rounded-2xl shadow-xl p-8 border text-center">
<div className="w-16 h-16 bg-green-100 rounded-full flex items-center justify-center mx-auto mb-4">
<CheckCircle className="w-8 h-8 text-green-600" />
</div>
<h1 className="text-2xl font-bold text-gray-900 mb-2">Check Your Email</h1>
<p className="text-gray-600 mb-6">
We've sent a password reset link to <strong>{email}</strong>.
Please check your inbox and click the link to reset your password.
</p>
<div className="space-y-3">
<Link to="/login">
<Button className="w-full">
Return to Login
</Button>
</Link>
<button
onClick={() => {
setIsSuccess(false);
setEmail('');
}}
className="text-sm text-gray-600 hover:text-primary"
>
Try a different email
</button>
</div>
</div>
</div>
</div>
</Container>
);
}
return (
<Container>
<div className="min-h-[60vh] flex items-center justify-center py-12">
<div className="w-full max-w-md">
{/* Back link */}
<Link
to="/login"
className="inline-flex items-center gap-2 text-sm text-gray-600 hover:text-gray-900 mb-6 no-underline"
>
<ArrowLeft className="w-4 h-4" />
Back to login
</Link>
<div className="bg-white rounded-2xl shadow-xl p-8 border">
{/* Header */}
<div className="text-center mb-8">
<div className="w-16 h-16 bg-primary/10 rounded-full flex items-center justify-center mx-auto mb-4">
<KeyRound className="w-8 h-8 text-primary" />
</div>
<h1 className="text-2xl font-bold text-gray-900">Forgot Password?</h1>
<p className="text-gray-600 mt-2">
Enter your email and we'll send you a link to reset your password.
</p>
</div>
{/* Error message */}
{error && (
<div className="bg-red-50 border border-red-200 text-red-700 px-4 py-3 rounded-lg mb-6">
{error}
</div>
)}
{/* Form */}
<form onSubmit={handleSubmit} className="space-y-6">
<div className="space-y-2">
<Label htmlFor="email">Email Address</Label>
<div className="relative">
<Mail className="absolute left-3 top-1/2 -translate-y-1/2 w-5 h-5 text-gray-400" />
<Input
id="email"
type="email"
value={email}
onChange={(e) => setEmail(e.target.value)}
placeholder="Enter your email"
required
autoComplete="email"
disabled={isLoading}
className="pl-10"
/>
</div>
</div>
<Button
type="submit"
className="w-full"
disabled={isLoading}
>
{isLoading ? 'Sending...' : 'Send Reset Link'}
</Button>
</form>
{/* Footer */}
<div className="mt-6 text-center text-sm text-gray-600">
Remember your password?{' '}
<Link to="/login" className="text-primary hover:underline">
Sign in
</Link>
</div>
</div>
</div>
</div>
</Container>
);
}

6
customer-spa/src/pages/Login/index.tsx
View File

@@ -187,12 +187,12 @@ export default function Login() {
{/* Footer links */} {/* Footer links */}
<div className="mt-6 text-center text-sm text-gray-600"> <div className="mt-6 text-center text-sm text-gray-600">
<a <Link
href="/wp-login.php?action=lostpassword" to="/forgot-password"
className="hover:text-primary" className="hover:text-primary"
> >
Forgot your password? Forgot your password?
</a> </Link>
</div> </div>
</div> </div>
</div> </div>

20
customer-spa/src/pages/ThankYou/index.tsx
View File

@@ -2,7 +2,7 @@ import React, { useEffect, useState } from 'react';
import { useParams, Link, useSearchParams } from 'react-router-dom'; import { useParams, Link, useSearchParams } from 'react-router-dom';
import { useThankYouSettings } from '@/hooks/useAppearanceSettings'; import { useThankYouSettings } from '@/hooks/useAppearanceSettings';
import Container from '@/components/Layout/Container'; import Container from '@/components/Layout/Container';
import { CheckCircle, ShoppingBag, Package, Truck, User } from 'lucide-react'; import { CheckCircle, ShoppingBag, Package, Truck, User, LogIn } from 'lucide-react';
import { Button } from '@/components/ui/button'; import { Button } from '@/components/ui/button';
import { formatPrice } from '@/lib/currency'; import { formatPrice } from '@/lib/currency';
import { apiClient } from '@/lib/api/client'; import { apiClient } from '@/lib/api/client';
@@ -196,13 +196,20 @@ export default function ThankYou() {
</Button> </Button>
</Link> </Link>
)} )}
{isLoggedIn && ( {isLoggedIn ? (
<Link to="/my-account"> <Link to="/my-account">
<Button size="lg" variant="outline" className="gap-2"> <Button size="lg" variant="outline" className="gap-2">
<User className="w-5 h-5" /> <User className="w-5 h-5" />
Go to Account Go to Account
</Button> </Button>
</Link> </Link>
) : (
<Link to="/login">
<Button size="lg" variant="outline" className="gap-2">
<LogIn className="w-5 h-5" />
Login / Create Account
</Button>
</Link>
)} )}
</div> </div>
</div> </div>
@@ -451,13 +458,20 @@ export default function ThankYou() {
</Button> </Button>
</Link> </Link>
)} )}
{isLoggedIn && ( {isLoggedIn ? (
<Link to="/my-account"> <Link to="/my-account">
<Button size="lg" variant="outline" className="gap-2"> <Button size="lg" variant="outline" className="gap-2">
<User className="w-5 h-5" /> <User className="w-5 h-5" />
Go to Account Go to Account
</Button> </Button>
</Link> </Link>
) : (
<Link to="/login">
<Button size="lg" variant="outline" className="gap-2">
<LogIn className="w-5 h-5" />
Login / Create Account
</Button>
</Link>
)} )}
</div> </div>

44
includes/Api/AuthController.php
View File

@@ -186,4 +186,48 @@ class AuthController {
], ],
], 200 ); ], 200 );
} }
/**
* Forgot password endpoint - sends password reset email
*
* @param WP_REST_Request $request Request object
* @return WP_REST_Response Response object
*/
public static function forgot_password( WP_REST_Request $request ): WP_REST_Response {
$email = sanitize_email( $request->get_param( 'email' ) );
if ( empty( $email ) || ! is_email( $email ) ) {
return new WP_REST_Response( [
'success' => false,
'message' => __( 'Please enter a valid email address', 'woonoow' ),
], 400 );
}
// Check if user exists
$user = get_user_by( 'email', $email );
if ( ! $user ) {
// For security, don't reveal if email exists or not
// But still return success to prevent email enumeration attacks
return new WP_REST_Response( [
'success' => true,
'message' => __( 'If an account exists with this email, you will receive a password reset link.', 'woonoow' ),
], 200 );
}
// Use WordPress's built-in password reset functionality
$result = retrieve_password( $user->user_login );
if ( is_wp_error( $result ) ) {
return new WP_REST_Response( [
'success' => false,
'message' => __( 'Failed to send password reset email. Please try again.', 'woonoow' ),
], 500 );
}
return new WP_REST_Response( [
'success' => true,
'message' => __( 'Password reset email sent! Please check your inbox.', 'woonoow' ),
], 200 );
}
} }

4
includes/Api/CheckoutController.php
View File

@@ -300,6 +300,10 @@ class CheckoutController {
// The real password is already set via wp_insert_user // The real password is already set via wp_insert_user
update_user_meta($new_user_id, '_woonoow_temp_password', $password); update_user_meta($new_user_id, '_woonoow_temp_password', $password);
// AUTO-LOGIN: Set authentication cookie so user is logged in after page reload
wp_set_auth_cookie($new_user_id, true);
wp_set_current_user($new_user_id);
// Set WooCommerce customer billing data // Set WooCommerce customer billing data
$customer = new \WC_Customer($new_user_id); $customer = new \WC_Customer($new_user_id);

7
includes/Api/Routes.php
View File

@@ -72,6 +72,13 @@ class Routes {
'permission_callback' => '__return_true', 'permission_callback' => '__return_true',
] ); ] );
// Forgot password endpoint (public)
register_rest_route( $namespace, '/auth/forgot-password', [
'methods' => 'POST',
'callback' => [ AuthController::class, 'forgot_password' ],
'permission_callback' => '__return_true',
] );
// Defer to controllers to register their endpoints // Defer to controllers to register their endpoints
CheckoutController::register(); CheckoutController::register();
OrdersController::register(); OrdersController::register();