Home app - Support for not requiring login (#2883)

cairocoder01 · web-flow · commit befbd76ba72b · 2026-02-10T09:53:54.000-06:00
* prevent redirect to login if login not required resolves #2881 * Refactors user ID handling in magic URLs Ensures correct user identification when using magic URLs, especially in scenarios where the user is not explicitly logged in. This change centralizes user ID retrieval using `DT_Magic_URL::get_current_user_id` to consistently determine the user based on the magic link's `post_id` and `post_type`. This prevents issues where the wrong user context was being applied, for example when generating the "Home" link or when determining which apps to display. It also updates the launcher to pass the user ID to the magic URL generation functions, so that the correct home link is displayed for the user. * fix claude comments * remove call to undefined function * modify cache-buster version for home-app.js
diff --git a/dt-apps/dt-home/assets/js/home-app.js b/dt-apps/dt-home/assets/js/home-app.js
@@ -7,7 +7,7 @@ class HomeApp {
   constructor() {
     // Check authentication before loading content
     // If user is not authenticated, they will be redirected by PHP before this JavaScript runs
-    if (jsObject.user_id === 0) {
+    if (jsObject.user_id === 0 && jsObject.require_login) {
       // This should not happen as PHP redirects unauthenticated users
       // But as a fallback, redirect to login
       const currentUrl = window.location.href;
diff --git a/dt-apps/dt-home/frontend/partials/launcher-bottom-nav.php b/dt-apps/dt-home/frontend/partials/launcher-bottom-nav.php
@@ -6,6 +6,7 @@
  * Only shown on app-type pages (not home screen or link-type apps).
  *
  * @var array $apps Array of all apps for the apps selector
+ * @var int $user_id The current user ID based on the magic link key
  * @var bool $is_wrapper_context Optional. If true, uses wrapper-specific class names to avoid conflicts.
  */
 
@@ -46,7 +47,7 @@
             <i class="mdi mdi-apps"></i>
             <?php esc_html_e( 'Apps', 'disciple_tools' ); ?>
         </button>
-        <a href="<?php echo esc_url( dt_home_magic_url( '' ) ); ?>" class="nav-item nav-item-home" aria-label="<?php esc_attr_e( 'Home', 'disciple_tools' ); ?>">
+        <a href="<?php echo esc_url( dt_home_magic_url( '', '', $user_id ) ); ?>" class="nav-item nav-item-home" aria-label="<?php esc_attr_e( 'Home', 'disciple_tools' ); ?>">
             <i class="mdi mdi-home"></i>
         </a>
         <a href="<?php echo esc_url( dt_home_get_logout_url() ); ?>" class="nav-item nav-item-logout" aria-label="<?php esc_attr_e( 'Log Out', 'disciple_tools' ); ?>">
diff --git a/dt-apps/dt-home/frontend/partials/launcher-wrapper.php b/dt-apps/dt-home/frontend/partials/launcher-wrapper.php
@@ -7,6 +7,7 @@
  *
  * @var string $target_app_url The URL of the target app (without launcher parameter)
  * @var array $apps Array of all apps for the apps selector
+ * @var int $user_id Current user ID
  */
 
 if ( ! defined( 'ABSPATH' ) ) {
@@ -16,10 +17,6 @@
 // Include helper functions
 require_once get_template_directory() . '/dt-apps/dt-home/includes/class-home-helpers.php';
 
-// Get all apps for the apps selector
-$apps_manager = DT_Home_Apps::instance();
-$apps = $apps_manager->get_apps_for_user( get_current_user_id() );
-
 // Mark iframe requests so nested pages can detect they are inside the launcher
 $iframe_target_app_url = add_query_arg( 'launcher_iframe', '1', $target_app_url );
 
diff --git a/dt-apps/dt-home/includes/class-home-apps.php b/dt-apps/dt-home/includes/class-home-apps.php
@@ -703,10 +703,12 @@ private function determine_app_type( $app ) {
      * Get apps for frontend display
      *
      * @param string|null $type Optional. Filter by app type: 'app', 'link', or null for all apps.
+     * @param int|null $user_id Optional. Filter by user ID. Defaults to current user.
      * @return array Array of apps for frontend display
      */
-    public function get_apps_for_frontend( $type = null ) {
+    public function get_apps_for_frontend( $type = null, $user_id = null ) {
         $apps = $this->get_enabled_apps();
+        $user_id = $user_id ?? get_current_user_id();
 
         // Enrich coded magic-link app urls.
         $enriched_apps = [];
@@ -724,38 +726,21 @@ public function get_apps_for_frontend( $type = null ) {
 
                 if ( isset( $app_meta['post_type'] ) && $app_meta['post_type'] === 'user' ) {
                     $meta_key = DT_Magic_URL::get_public_key_meta_key( $app_ml_root, $app_ml_type );
-                    $magic_url_key = get_user_option( $meta_key, get_current_user_id() );
+                    $magic_url_key = get_user_option( $meta_key, $user_id );
                     if ( !empty( $magic_url_key ) ) {
                         $app['url'] = DT_Magic_URL::get_link_url( $app_ml_root, $app_ml_type, $magic_url_key );
                     }
-                } elseif (
-                    isset( $app_meta['root'], $app_meta['post_type'] )
-                    && 'templates' === strtolower( (string) $app_meta['root'] )
-                    && in_array( $app_meta['post_type'], [ 'contacts' ], true )
-                ) {
-                    $post_id = Disciple_Tools_Users::get_contact_for_user( get_current_user_id() );
-
-                    if ( ! empty( $post_id ) ) {
-                        $post = DT_Posts::get_post( $app_meta['post_type'], $post_id );
-                        $meta_key = $app_meta['meta_key'] ?? '';
-
-                        // Ensure meta_key is set - if not, construct it from root and type
-                        if ( empty( $meta_key ) && ! empty( $app_ml_root ) && ! empty( $app_ml_type ) ) {
-                            $meta_key = $app_ml_root . '_' . $app_ml_type . '_magic_key';
-                        }
-
-                        if ( ! is_wp_error( $post ) && ! empty( $post ) && ! empty( $meta_key ) ) {
-                            if ( isset( $post[ $meta_key ] ) && ! empty( $post[ $meta_key ] ) ) {
-                                $magic_url_key = $post[ $meta_key ];
-                            } else {
-                                $magic_url_key = dt_create_unique_key();
-                                update_post_meta( $post_id, $meta_key, $magic_url_key );
-                            }
-
-                            if ( ! empty( $magic_url_key ) ) {
-                                $app['url'] = DT_Magic_URL::get_link_url( $app_ml_root, $app_ml_type, $magic_url_key );
-                            }
-                        }
+                } else if ( isset( $app_meta['post_type'] ) && $app_meta['post_type'] === 'contacts' ) {
+                    $post_id = get_user_option( 'corresponds_to_contact', $user_id );
+                    $url = DT_Magic_URL::get_link_url_for_post(
+                        $app_meta['post_type'],
+                        $post_id,
+                        $app_ml_root,
+                        $app_ml_type
+                    );
+
+                    if ( ! empty( $url ) ) {
+                        $app['url'] = $url;
                     }
                 }
             }
@@ -800,7 +785,7 @@ private function slug_exists( $slug, $apps ) {
      * Get apps filtered by user permissions
      */
     public function get_apps_for_user( $user_id = 0 ) {
-        $apps = $this->get_apps_for_frontend();
+        $apps = $this->get_apps_for_frontend( null, $user_id );
         // If roles permissions is not available, return all apps
         if ( !class_exists( 'DT_Home_Roles_Permissions' ) ) {
             return $apps;
diff --git a/dt-apps/dt-home/includes/class-home-helpers.php b/dt-apps/dt-home/includes/class-home-helpers.php
@@ -17,15 +17,16 @@
  *
  * @param string $action Optional. The action to append to the URL (e.g., 'app/{slug}', 'logout').
  * @param string $key Optional. The magic link key. If not provided, uses current user's key.
+ * @param int|null $user_id Optional. The user ID. Defaults to current user.
  * @return string The generated magic URL.
  */
-function dt_home_magic_url( $action = '', $key = '' ) {
+function dt_home_magic_url( $action = '', $key = '', $user_id = null ) {
     // Get the home screen app instance
     $home_app = DT_Home_Magic_Link_App::instance();
 
     if ( ! $key ) {
         // Get current user's magic link key
-        $user_id = get_current_user_id();
+        $user_id = $user_id ?? get_current_user_id();
         if ( ! $user_id ) {
             return '';
         }
diff --git a/dt-apps/dt-home/magic-link-home-app.php b/dt-apps/dt-home/magic-link-home-app.php
@@ -132,7 +132,7 @@ public function wp_enqueue_scripts() {
         // Enqueue menu toggle JavaScript
         wp_enqueue_script( 'dt-home-menu-toggle', get_template_directory_uri() . '/dt-apps/dt-home/assets/js/menu-toggle.js', [], '1.0.0', true );
 
-        wp_enqueue_script( 'dt-home-app', get_template_directory_uri() . '/dt-apps/dt-home/assets/js/home-app.js', [], '1.0.0', true );
+        wp_enqueue_script( 'dt-home-app', get_template_directory_uri() . '/dt-apps/dt-home/assets/js/home-app.js', [], '1.0.1', true );
 
         // Pass logout URL and invite settings to menu toggle script
         if ( function_exists( 'dt_home_get_logout_url' ) ) {
@@ -229,7 +229,8 @@ public function footer_javascript() {
                 'root'                    => esc_url_raw( rest_url() ),
                 'nonce'                   => wp_create_nonce( 'wp_rest' ),
                 'parts'                   => $this->parts,
-                'user_id'                 => get_current_user_id(),
+                'user_id'                 => DT_Magic_URL::get_current_user_id( $this->parts ),
+                'require_login'           => function_exists( 'homescreen_require_login' ) ? homescreen_require_login() : true,
                 'invite_enabled'          => function_exists( 'homescreen_invite_users_enabled' ) ? homescreen_invite_users_enabled() : false,
                 'translations'            => [
                     'welcome' => __( 'Welcome to your Home Screen', 'disciple_tools' ),
@@ -344,18 +345,25 @@ private function show_launcher_wrapper() {
         $target_app_url = $this->get_target_app_url();
         error_log( 'DT Home: Showing launcher wrapper for URL: ' . $target_app_url );
 
+        // Get Magic URL for the target app so we can use the parts to determine the user ID
+        $request_uri = isset( $_SERVER['REQUEST_URI'] ) ? esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '';
+        $url_parts = explode( '/', $request_uri );
+
+        $target_magic_url = new DT_Magic_URL( $url_parts[1] );
+        $parts = $target_magic_url->parse_url_parts();
+        $target_magic_url->determine_post_id( $parts );
+
+        // Get user ID based on magic link parts
+        $user_id = DT_Magic_URL::get_current_user_id( $parts );
+
         // Get all apps for the apps selector
         $apps_manager = DT_Home_Apps::instance();
-        $apps = $apps_manager->get_apps_for_user( get_current_user_id() );
-
-        // Output complete HTML page
-        $target_app_url = $this->get_target_app_url();
+        $apps = $apps_manager->get_apps_for_user( $user_id );
 
         // Include wrapper template
         $wrapper_path = get_template_directory() . '/dt-apps/dt-home/frontend/partials/launcher-wrapper.php';
         if ( file_exists( $wrapper_path ) ) {
-            // Set variables for template
-            $target_app_url = $this->get_target_app_url();
+            // Template has access to variables declared above
             include $wrapper_path;
             die(); // Stop all further processing
         } else {
@@ -494,7 +502,7 @@ public function endpoint_get( WP_REST_Request $request ) {
 
         // Sanitize and fetch user id
         $params  = dt_recursive_sanitize_array( $params );
-        $user_id = $params['parts']['post_id'];
+        $user_id = (int) $params['parts']['post_id'];
         $action = $params['action'];
 
         // Handle different actions
diff --git a/dt-reports/magic-url-base.php b/dt-reports/magic-url-base.php
@@ -46,24 +46,10 @@ public function __construct() {
         if ( $this->type !== $this->parts['type'] ){
             return;
         }
-        if ( !empty( $this->parts['public_key'] ) ){
-            if ( $this->parts['post_type'] === 'user' ){
-                // if user
-                $user_id = $this->magic->get_user_id( $this->parts['meta_key'], $this->parts['public_key'] );
-                if ( ! $user_id ){ // fail if no post id for public key
-                    $this->magic->redirect_to_expired_landing_page();
-                } else {
-                    $this->parts['post_id'] = $user_id;
-                }
-            } else {
-                // get post_id
-                $post_id = $this->magic->get_post_id( $this->parts['meta_key'], $this->parts['public_key'] );
-                if ( ! $post_id ){ // fail if no post id for public key
-                    $this->magic->redirect_to_expired_landing_page();
-                } else {
-                    $this->parts['post_id'] = $post_id;
-                }
-            }
+
+        $this->magic->determine_post_id( $this->parts );
+        if ( empty( $this->parts['post_id'] ) ){
+            $this->magic->redirect_to_expired_landing_page();
         }
 
 
diff --git a/dt-reports/magic-url-class.php b/dt-reports/magic-url-class.php
@@ -377,6 +377,29 @@ public function verify_rest_endpoint_permissions_on_post( WP_REST_Request $reque
             return $return_parts ? $parts : true;
         }
 
+        /**
+         * Determine the post ID based on the magic URL parts.
+         * @param array $parts The magic URL parts.
+         * @return void
+         */
+        public function determine_post_id( &$parts ) {
+            if ( !empty( $parts['public_key'] ) ){
+                if ( $parts['post_type'] === 'user' ){
+                    // if user
+                    $user_id = $this->get_user_id( $parts['meta_key'], $parts['public_key'] );
+                    if ( $user_id ) {
+                        $parts['post_id'] = $user_id;
+                    }
+                } else {
+                    // get post_id
+                    $post_id = $this->get_post_id( $parts['meta_key'], $parts['public_key'] );
+                    if ( $post_id ) {
+                        $parts['post_id'] = $post_id;
+                    }
+                }
+            }
+        }
+
         public function get_post_id( string $meta_key, string $public_key ){
             global $wpdb;
             $result = $wpdb->get_var( $wpdb->prepare( "
@@ -406,6 +429,29 @@ public function get_user_id( string $meta_key, string $public_key ){
             return false;
         }
 
+        /**
+         * Get the current user ID from the magic link parts or the currently logged-in user
+         * @param $parts string[] Links parts with post_id and post_type set
+         * @return int
+         */
+        public static function get_current_user_id( array $parts ) {
+            $user_id = get_current_user_id();
+
+            if ( isset( $parts['post_id'], $parts['post_type'] ) ) {
+                $post_id = $parts['post_id'];
+                $post_type = $parts['post_type'];
+                if ( $post_type === 'user' && !empty( $post_id ) ) {
+                    $user_id = (int) $post_id;
+                } else if ( $post_type === 'contacts' && !empty( $post_id ) ) {
+                    $contact_user_id = Disciple_Tools_Users::get_user_for_contact( $post_id );
+                    if ( !empty( $contact_user_id ) && !is_wp_error( $contact_user_id ) ) {
+                        $user_id = (int) $contact_user_id;
+                    }
+                }
+            }
+            return $user_id;
+        }
+
         public function is_valid_base_url( string $type ) {
             $parts = self::parse_url_parts();
             if ( empty( $parts ) ){ // fail if not prayer url
