Reference
8. Authentication System
OEngageorravo.com/docs/oengage/8-authentication-system
Login Flow
- User submits email + password via AJAX (
or_login action)
BruteForce::is_locked() checks for too many recent attemptswp_authenticate() verifies credentials- If 2FA is enabled for the user, a pending token is returned and the 2FA form shows
- On success:
wp_set_auth_cookie(), session created, XP awarded for daily login, streak recorded
AJAX Actions
| Action | Handler | Auth |
|---|
or_login | AuthHandler::ajax_login | nopriv |
or_forgot_password | AuthHandler::ajax_forgot_password | nopriv |
or_reset_password | AuthHandler::ajax_reset_password | nopriv |
or_logout_session | AuthHandler::ajax_logout_session | logged-in |
