Paid content block: swap login flow to magic link flow intead of code…

… login flow (#37178)

Committed via a GitHub action: https://github.com/Automattic/jetpack/actions/runs/8972336294

Upstream-Ref: Automattic/jetpack@63cdb3f

CHANGELOG.md

@@ -8,6 +8,7 @@ This is an alpha version! The changes listed here are not final.
 
 ### Enhancements
 - Add a method to find all plans that are valid for a given newsletter tier.
+- Paid content block: swap out the login flow
 - Subscriptions: manage subscribers in Jetpack cloud instead of WP.com.
 - Subscription widget: remove "follow" term from confirmation message
 - WordAds: ensure that ads.txt works on subdirectory websites.

extensions/blocks/premium-content/login-button/login-button.php

@@ -11,6 +11,7 @@
 use Automattic\Jetpack\Extensions\Premium_Content\Subscription_Service\Abstract_Token_Subscription_Service;
 use Automattic\Jetpack\Status\Host;
 use Jetpack_Gutenberg;
+use Jetpack_Options;
 
 require_once dirname( __DIR__ ) . '/_inc/subscription-service/include.php';
 
@@ -31,6 +32,56 @@ function register_login_button_block() {
 }
 add_action( 'init', __NAMESPACE__ . '\register_login_button_block' );
 
+/**
+ * Returns current URL.
+ *
+ * @return string
+ */
+function get_current_url() {
+	if ( ! isset( $_SERVER['HTTP_HOST'] ) || ! isset( $_SERVER['REQUEST_URI'] ) ) {
+		return '';
+	}
+
+	return ( is_ssl() ? 'https://' : 'http://' ) . wp_unslash( $_SERVER['HTTP_HOST'] ) . wp_unslash( $_SERVER['REQUEST_URI'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
+}
+
+/**
+ * Returns subscriber log in URL.
+ *
+ * @param string $redirect Path to redirect to on login.
+ *
+ * @return string
+ */
+function get_subscriber_login_url( $redirect ) {
+	$redirect = ! empty( $redirect ) ? $redirect : get_site_url();
+
+	if ( ( new Host() )->is_wpcom_simple() ) {
+		// On WPCOM we will redirect immediately
+		return wpcom_logmein_redirect_url( $redirect, false, null, 'link', get_current_blog_id() );
+	}
+
+	// On self-hosted we will save and hide the token
+	$redirect_url = get_site_url() . '/wp-json/jetpack/v4/subscribers/auth';
+	$redirect_url = add_query_arg( 'redirect_url', $redirect, $redirect_url );
+
+	return add_query_arg(
+		array(
+			'site_id'      => intval( Jetpack_Options::get_option( 'id' ) ),
+			'redirect_url' => rawurlencode( $redirect_url ),
+		),
+		'https://subscribe.wordpress.com/memberships/jwt/'
+	);
+}
+
+/**
+ * Determines whether the current visitor is a logged in user or a subscriber.
+ *
+ * @return bool
+ */
+function is_subscriber_logged_in() {
+	return is_user_logged_in() || Abstract_Token_Subscription_Service::has_token_from_cookie();
+}
+
 /**
  * Render callback.
  *
@@ -44,19 +95,15 @@ function render_login_button_block( $attributes, $content ) {
 		return '';
 	}
 
-	$has_auth_cookie = isset( $_COOKIE[ Abstract_Token_Subscription_Service::JWT_AUTH_TOKEN_COOKIE_NAME ] );
-	// phpcs:ignore WordPress.Security.NonceVerification.Recommended
-	$has_token_parameter = isset( $_GET['token'] );
-
-	$is_user_logged_in_on_wpcom = ( new Host() )->is_wpcom_simple() && is_user_logged_in();
-	if ( $is_user_logged_in_on_wpcom || $has_auth_cookie || $has_token_parameter ) {
-		// The viewer is logged it, so they shouldn't see the login button.
+	// The viewer is logged it, so they shouldn't see the login button.
+	if ( is_subscriber_logged_in() ) {
 		return '';
 	}
 
 	Jetpack_Gutenberg::load_styles_as_required( LOGIN_BUTTON_NAME );
 
-	$url = subscription_service()->access_url();
+	$redirect_url = get_current_url();
+	$url          = get_subscriber_login_url( $redirect_url );
 
 	return preg_replace( '/(<a\b[^><]*)>/i', '$1 href="' . esc_url( $url ) . '">', $content );
 }