Log in with Patreon seems to be partially incomplete?

Hi,

It seems that if you “Log in with Patreon” for the first time, using a Patreon account that “already” exists in the Wordpress installation, it is “supposed” to display an error asking you to log in with wordpress first.

What actually happens is nothing.

You go to the oauth screen, you authorise the connection between patreon and the wordpress install, and then get sent back to the login page (without being logged in).

I say “supposed”, because there is a query string added to the URI when being redirected back from the oauth permissions screen “?patreon_message=email_exists_login_with_wp_first”, and looking at the source of the login page, the plugin defines the css styles for a “.patreon-msg” class. That suggests that there were plans to show this error to the user.

However, there doesn’t seem to be a html element on the login page that actually applies the class, so this error message doesn’t show up.

In addition, even if I “was” to see that error message and know to log in with my pre-existing wordpress account instead, there doesn’t seem to be a very good UX for linking the accounts together in order for my pre-existing account to be given the patreon permission.

We don’t give the average user access to the back-end, but even if we did, there’s no “link patreon” option in the edit user profile.

There’s also no “link patreon” option on the “my account” page that WooCommerce adds (an ideal location in my opinion).

It would appear that the only way - that I can find - to link the accounts, is to return to “wp-login.php” after having already logged in with the wordpress account, and using the login with patreon button.

This “does” link the accounts together, but it’s a unrealistic process for a user to follow, as once logged in, they don’t tend to have an obvious route back to wp-login.php.

An existing user would need to note the query string added to the URL when getting the silent error, and then know enough about wordpress to make their way back manually to the login page after logging in.

I think there really needs to be a couple of quick fixes.

1. Add the HTML elements required to the login form in order for an existing user to actually “see” an error message about the existing email when they attempt to log in with patreon.
2. Add a custom page (preferably with an integration that sets the page as a tab on the WooCommerce MyAccount page) that provides users with either the “Log in with Patreon” button (if they are not linked), or a summary of their current permission status (if they have linked).

–

On a side note.

Looking at the usermeta data added when linking a wordpress user to patreon, it might be a bit safer to change the “user_firstname” to “patreon_user_firstname” and change “user_lastname” to “patreon_user_lastname”.

All the other meta information seems to have a patreon_ prefix, and it’s generally (IMO) safer to make sure that you use a consistent meta value naming scheme to prevent other plugins accidentally breaking things.

it is “supposed” to display an error asking you to log in with wordpress first.

Only when ‘Force strict oAuth’ is set to on. Default behavior should cause linking of the two accounts if the Patreon email was verified.

The error message should be showing in that case. If its not showing, its a bug.

Please verify whether you have that setting on.

In addition, even if I “was” to see that error message and know to log in with my pre-existing wordpress account instead, there doesn’t seem to be a very good UX for linking the accounts together in order for my pre-existing account to be given the patreon permission.

Just logging in via Patreon after that, or just unlocking an existing locked post does the trick.

A ‘link your Patreon account’ may have been a good idea, but we dont have a way to know whether a logged in WP user has a Patreon account or not.

Login button can be put in shortcodes or in widgets. But there should be a login via Patreon button indeed. Or, rather, ‘Connect’ via Patreon in cases where a WP user is already logged in.

Looking at the usermeta data added when linking a wordpress user to patreon, it might be a bit safer to change the “user_firstname” to “patreon_user_firstname” and change “user_lastname” to “patreon_user_lastname”.All the other meta information seems to have a patreon_ prefix, and it’s generally (IMO) safer to make sure that you use a consistent meta value naming scheme to prevent other plugins accidentally breaking things.

Currently we want the WP options for user first name and last name to be updated with those from Patreon.

…

I will look into some of your suggestions, which may indeed help a lot of people. Thanks.

No, Force Oauth is not enabled. If the default behaviour should have been to link the accounts, then it’s broken.

The only settings enabled are the “Enable Login With Patreon” and " “Allow Admins/Editors to ‘Login with Patreon’ Button”.

I “am” an Administrator though, so perhaps that makes a difference?

My point is that “just logging in” again isn’t easy to do when already logged in. I get your point about visiting an existing locked post, but you’re assuming that a locked post is going to be easy to find. What if Patreon is just a tiny part of a site, and finding the locked post isn’t quite so simple.

We’re using Patreon alongside WooCommerce as a secondary method of logging in, and the locked down content will be a handful of digital files that are only available to patrons. Those digital files will not be easily found by non-patrons because the primary purpose of the site is to sell physical products not digital patron rewards.

Which is why I suggested creating a “page” for the plugin (or a shortcode that someone can use to create one).

It would function as a “My Patreon Pledge” page (or something similar). By default, the page would have an explanation that the site is linked to a Patreon account, would pull some useful information from the campaign endpoint, include a link to become a patron and then depending on whether or not the plugin is detecting a logged in patron or not, either a login with patreon button, or a output of current pledge information from the members endpoint for the logged in patron.

I agree. Should that already exist?

The usermeta table meta_keys for name used by Wordpress are first_name and last_name not user_firstname and user_lastname like your plugin is currently setting. So that’s a bug in itself if you were not intending to create a pair of new random meta_keys.

That being said, I’d personally prefer it if you didn’t take over the Wordpress defaults, that could create problems for sites that are not primarily Patreon based. My first/last name on Patreon are different to my admin account on the website.

You’re not currently setting them on an account link (maybe you are on creation), but could you not set first_name and last_name just on new accounts created, but leave them alone when linking to an existing account. Maybe set patreon_firstname and patreon_lastname as supplimentary values?

–

On another side note.

It would appear that your “login with patreon” button is being added to the login/registration form using the assumption that the form is on wp-login.php. If the login/registration form is included elsewhere either via another plugin or a custom login form that returns wp_login_form then your login with Patreon button doesn’t display.

I’d suggest using the login_form and register_form actions to output the login button instead.

No, Force Oauth is not enabled. If the default behaviour should have been to link the accounts, then it’s broken.

If the Patreon email of the user is not verified, linking up will not happen in any of the cases. That would need to be determined.

Which is why I suggested creating a “page” for the plugin (or a shortcode that someone can use to create one).

Login shortcode exists:

[patreon_login_button] will render a login button in any page you put it in.

That being said, I’d personally prefer it if you didn’t take over the Wordpress defaults, that could create problems for sites that are not primarily Patreon based. My first/last name on Patreon are different to my admin account on the website.

That is indeed a valid point. This may be addressed in a following release by only updating the names of newly created users that were created from Patreon.

I’d suggest using the login_form and register_form actions to output the login button instead.

This may cause issues with sites which use custom login forms or login-modifying plugins. Especially in visual respect, it may spoil the design of widgets or forms which those plugins use. Login form is rather safe to put it in.

However it may be made optional, but the default behavior change must be hard-thought if implemented.