From bad59c66549eb601fed963ed013f9b79305ca003 Mon Sep 17 00:00:00 2001
From: Jake Vanderwerf <get@jakevanderwerf.ca>
Date: Wed, 07 Jan 2026 20:09:14 +0000
Subject: [PATCH] =Feedblock integrated with refactored taxonomy selector

---
 inc/rest/routes/LoginRoutes.php |   21 ++++++++++++---------
 1 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/inc/rest/routes/LoginRoutes.php b/inc/rest/routes/LoginRoutes.php
index 8c663c9..226692b 100644
--- a/inc/rest/routes/LoginRoutes.php
+++ b/inc/rest/routes/LoginRoutes.php
@@ -152,10 +152,10 @@
 		// Attempt login
 		$user = wp_signon([
 			'user_login'	=> $username,
-			'user_email' 	=> $username,
 			'user_password' => $password,
 			'remember' => $remember
-		], false);
+		], is_ssl());
+
 
 		if (is_wp_error($user)) {
 			// Track failed attempt
@@ -167,13 +167,14 @@
 				401
 			) : false;
 		}
-
 		// Clear failed attempts on success
 		$this->clearFailedAttempts($username);
 
 		// Set auth cookie with remember me flag
 		wp_set_current_user($user->ID);
-		wp_set_auth_cookie($user->ID, $remember);
+		wp_set_auth_cookie($user->ID, $remember, is_ssl());
+
+
 
 		// Store session fingerprint for hijacking protection
 		if ($request) {
@@ -267,13 +268,12 @@
 	 */
 	protected function getSessionId(int $user_id): string
 	{
-		// Use WordPress session tokens
-		$sessions = WP_Session_Tokens::get_instance($user_id);
 		$token = wp_get_session_token(); // Current session token
 
 		if (!$token) {
-			// Fallback to user-specific hash that changes on password reset
-			return md5($user_id . get_user_meta($user_id, 'session_tokens', true));
+			// Fallback to a hash based on user ID and current timestamp
+			// This will be replaced once the session token is available
+			return md5($user_id . time());
 		}
 
 		return md5($token);
@@ -370,6 +370,9 @@
 		wp_set_current_user($user->ID);
 		wp_set_auth_cookie($user->ID, true);
 
+		if (session_status() === PHP_SESSION_ACTIVE) {
+			session_regenerate_id(true);
+		}
 		// Store session fingerprint
 		$this->storeSessionFingerprint($user->ID, $request);
 
@@ -532,7 +535,7 @@
 			update_user_meta($user_id, BASE . $key, sanitize_text_field($value));
 		}
 
-		$redirect = $this->getRedirect($user, $request->get_param('redirect_to'), 'register');
+		$redirect = $this->getRedirect($user, $request->get_param('redirect_to')??get_home_url(null,'/dash'), 'register');
 
 		// Handle token handlers
 		do_action('jvbUserRegistered', $user_id, $email, $data);

--
Gitblit v1.10.0