Sending Plain WordPress Password from webhook

Hey @0nline – Thank you for reaching out, as well as for using our plugin!

I’m afraid fetching the password in its raw context requires you to customize your signup workflow.
The reason for that is due to the fact that WordPress never saves the password in its clean format, but only in a hashed version for security reasons.
What you need to do is to fetch the password manually, save it temporarily within the database, in a clear format, and then send it over via the request of the webhook.

Feel free to let me know what exactly you are trying to achieve, I might be able to guide you further. ??

Thanks for your reply @ironikus

>> let me know what exactly you are trying to achieve.

Actually, I am trying to sync my WordPress user with teachable as teachable webhook doesn’t provide the password so I am registering users in WordPress and adding it to teachable.

I am using your webhook to send data to zapier and adding new users to teachable.

>>What you need to do is to fetch the password manually, save it temporarily within the database, in a clear format, and then send it over via the request of the webhook.

Could you explain or give some reference to how can I send the password in plain text?

Thank You Again ??…..

Hey @0nline – Thank you for your answer. Since that’s a very critical security process, I do not advise playing around with it on a live system since it can decrease security for your website.

To give you a short info on how you can achieve to temporarily save a password via the default register functionality, this snippet will does that:

add_action( 'user_register', 'save_pw_to_meta_data' );
function save_pw_to_meta_data( $user_id ) {
	if ( ! empty( $_POST['password'] ) ) {
		update_user_meta( $user_id, 'tmp_pw_saved', base64_encode( $_POST['password'] ) ) ;		
	}
}

There are a couple of things you need to check on though. For example, you need to make sure the $_POST variable key “password” is the correct one that is also used for the input field of the register page.

I highly suggest involving a developer for that.
If you have further questions, feel free to let me know at any time. ??

Hello dev,

Thanks for your reply.

As I can see we are updating the user meta and it will be sent via hook.

If you could, could you tell me how I can remove that meta after sending it via hook.

Thank You for your help.??

Hey @0nline – The “Send Data On Register” webhook trigger contains an action that you could use for that.
An example would be:

add_action( 'wpwhpro/webhooks/trigger_user_register', 'remove_tmp_pw_key', 10, 3 );
function remove_tmp_pw_key( $user_id, $user_data, $response_data ) {
	delete_user_meta( $user_id, 'tmp_pw_saved' );	
}

Thanks dev ( @ironikus ),

It’s working like a charm…Thank’s for your help dev.

Sorry to bug you again but I have one last question how I can send data through webhook whenever someone reset the password in plain text.

Thanks for your valuable time dev. ??

Hi @0nline – since we do not have a predefined webhook trigger for it available, you would need to write your own one.
The best way to do that is by using the “Send Data On Custom Action” webhook trigger.
It allows you to fire a custom function wherever you would like within your code.
There’s an example code available within the description, which I also add down below. You can position it in a callack on the password reset functionality and it will then send it accordingly.

$custom_data = array(
	'data_1' => 'value'
);
$webhook_names = array(
	'15792546059992909'
);
$http_args = array(
	'blocking' => true //Set this to true to receive the response
);

$response = apply_filters( 'wp_webhooks_send_to_webhook_filter', array(), $custom_data, $webhook_names, $http_args );

Ok… I’ll try to write my own code and send it via method u defined above…

Thank you very much for your help @ironikus dev. ??

Hey @0nline – thank you for the feedback, I’m glad I could help.
If you have any further questions, feel free to reach out again at any time. ??