wip: scope inline login captcha token selectors to prompt container and add reset on error

superdav42 · superdav42 · commit 33c28a76368f · 2026-04-22T11:16:24.000-06:00
diff --git a/assets/js/checkout.js b/assets/js/checkout.js
@@ -1209,61 +1209,68 @@
 						? this.email_address || ''
 						: this.username || '';
 
-					// Include captcha tokens if present on the page.
-					const login_data = {
-						username_or_email,
-						password: this.inline_login_password,
-						_wpnonce: jQuery('[name="_wpnonce"]').val()
-					};
-
-					const recaptcha_token = jQuery('input[name="g-recaptcha-response"]').filter(function() {
-						return this.value;
-					}).first().val();
-					const hcaptcha_token = jQuery('input[name="h-captcha-response"]').filter(function() {
-						return this.value;
-					}).first().val();
-					const cap_token = jQuery('input[name="cap-token"]').filter(function() {
-						return this.value;
-					}).first().val();
-
-					if (recaptcha_token) {
-						login_data[ 'g-recaptcha-response' ] = recaptcha_token;
-					}
+	// Include captcha tokens scoped to the inline login prompt container.
+	// Using scoped selectors avoids picking up the checkout form's captcha token.
+	const promptContainer = jQuery('#wu-inline-login-prompt-' + this.login_prompt_field);
+	const login_data = {
+		username_or_email,
+		password: this.inline_login_password,
+		_wpnonce: jQuery('[name="_wpnonce"]').val()
+	};
 
-					if (hcaptcha_token) {
-						login_data[ 'h-captcha-response' ] = hcaptcha_token;
-					}
+	const recaptcha_token = promptContainer.find('input[name="g-recaptcha-response"]').filter(function() {
+		return this.value;
+	}).first().val();
+	const hcaptcha_token = promptContainer.find('input[name="h-captcha-response"]').filter(function() {
+		return this.value;
+	}).first().val();
+	const cap_token = promptContainer.find('input[name="cap-token"]').filter(function() {
+		return this.value;
+	}).first().val();
 
-					if (cap_token) {
-						login_data[ 'cap-token' ] = cap_token;
-					}
+	if (recaptcha_token) {
+		login_data[ 'g-recaptcha-response' ] = recaptcha_token;
+	}
 
-					this.request('wu_inline_login', login_data, function(results) {
+	if (hcaptcha_token) {
+		login_data[ 'h-captcha-response' ] = hcaptcha_token;
+	}
 
-						that.logging_in = false;
+	if (cap_token) {
+		login_data[ 'cap-token' ] = cap_token;
+	}
 
-						if (results.success) {
+	this.request('wu_inline_login', login_data, function(results) {
 
-							// Login successful - reload page to show logged-in state
-							window.location.reload();
+		that.logging_in = false;
 
-						}
+		if (results.success) {
 
-					}, function(error) {
+			// Login successful - reload page to show logged-in state
+			window.location.reload();
 
-						that.logging_in = false;
+		}
 
-						if (error.responseJSON && error.responseJSON.data && error.responseJSON.data.message) {
+	}, function(error) {
 
-							that.login_error = error.responseJSON.data.message;
+		that.logging_in = false;
 
-						} else {
+		if (error.responseJSON && error.responseJSON.data && error.responseJSON.data.message) {
 
-							that.login_error = wu_checkout.i18n.login_failed || 'Login failed. Please try again.';
+			that.login_error = error.responseJSON.data.message;
 
-						}
+		} else {
 
-					});
+			that.login_error = wu_checkout.i18n.login_failed || 'Login failed. Please try again.';
+
+		}
+
+		// Reset inline login captcha widgets so the user can re-verify.
+		if (typeof window.wuCaptchaResetInlineLogin === 'function') {
+			window.wuCaptchaResetInlineLogin();
+		}
+
+	});
 
 					return false;
 
@@ -1336,22 +1343,27 @@
 
 						}
 
-						function handleError(error) {
+	function handleError(error) {
 
-							submitButton.disabled = false;
-							submitButton.textContent = wu_checkout.i18n.sign_in || 'Sign in';
+		submitButton.disabled = false;
+		submitButton.textContent = wu_checkout.i18n.sign_in || 'Sign in';
 
-							if (error.data && error.data.message) {
+		if (error.data && error.data.message) {
 
-								showError(error.data.message);
+			showError(error.data.message);
 
-							} else {
+		} else {
 
-								showError(wu_checkout.i18n.login_failed || 'Login failed. Please try again.');
+			showError(wu_checkout.i18n.login_failed || 'Login failed. Please try again.');
 
-							}
+		}
 
-						}
+		// Reset inline login captcha widgets so the user can re-verify.
+		if (typeof window.wuCaptchaResetInlineLogin === 'function') {
+			window.wuCaptchaResetInlineLogin();
+		}
+
+	}
 
 						function handleLogin(e) {
 
@@ -1375,52 +1387,61 @@
 
 							const username_or_email = fieldType === 'email' ? that.email_address : that.username;
 
-							// Include captcha tokens if present on the page.
-							const inline_login_data = {
-								username_or_email,
-								password,
-								_wpnonce: jQuery('[name="_wpnonce"]').val()
-							};
-
-							const recaptcha_val = jQuery('input[name="g-recaptcha-response"]').filter(function() {
-								return this.value;
-							}).first().val();
-							const hcaptcha_val = jQuery('input[name="h-captcha-response"]').filter(function() {
-								return this.value;
-							}).first().val();
-							const cap_val = jQuery('input[name="cap-token"]').filter(function() {
-								return this.value;
-							}).first().val();
-
-							if (recaptcha_val) {
-								inline_login_data[ 'g-recaptcha-response' ] = recaptcha_val;
-							}
-
-							if (hcaptcha_val) {
-								inline_login_data[ 'h-captcha-response' ] = hcaptcha_val;
-							}
-
-							if (cap_val) {
-								inline_login_data[ 'cap-token' ] = cap_val;
-							}
-
-							jQuery.ajax({
-								method: 'POST',
-								url: wu_checkout.late_ajaxurl + '&action=wu_inline_login',
-								data: inline_login_data,
-								success(results) {
-
-									if (results.success) {
-
-										window.location.reload();
+	// Include captcha tokens scoped to the inline login prompt container.
+	// Using scoped selectors avoids picking up the checkout form's captcha token.
+	const promptContainer = jQuery('#wu-inline-login-prompt-' + fieldType);
+	const inline_login_data = {
+		username_or_email,
+		password,
+		_wpnonce: jQuery('[name="_wpnonce"]').val()
+	};
+
+	const recaptcha_val = promptContainer.find('input[name="g-recaptcha-response"]').filter(function() {
+		return this.value;
+	}).first().val();
+	const hcaptcha_val = promptContainer.find('input[name="h-captcha-response"]').filter(function() {
+		return this.value;
+	}).first().val();
+	const cap_val = promptContainer.find('input[name="cap-token"]').filter(function() {
+		return this.value;
+	}).first().val();
+
+	if (recaptcha_val) {
+		inline_login_data[ 'g-recaptcha-response' ] = recaptcha_val;
+	}
+
+	if (hcaptcha_val) {
+		inline_login_data[ 'h-captcha-response' ] = hcaptcha_val;
+	}
+
+	if (cap_val) {
+		inline_login_data[ 'cap-token' ] = cap_val;
+	}
+
+	jQuery.ajax({
+		method: 'POST',
+		url: wu_checkout.late_ajaxurl + '&action=wu_inline_login',
+		data: inline_login_data,
+		success(results) {
+
+			if (results.success) {
+
+				window.location.reload();
+
+			} else {
+				handleError(results);
+			}
 
-									} else {
-										handleError(results);
-									}
+		},
+		error(xhr) {
+			handleError(xhr.responseJSON || {});
 
-								},
-								error: handleError
-							});
+			// Reset inline login captcha widgets so the user can re-verify.
+			if (typeof window.wuCaptchaResetInlineLogin === 'function') {
+				window.wuCaptchaResetInlineLogin();
+			}
+		}
+	});
 
 							return false;
 
