What you want to do is hook into the authenticate hook, check if the user has the pending role, and if so, throw an error.
//* Add filter to the authenticate hook
add_filter( 'authenticate', 'wpse_263762_authenticate', 20, 3 );
function wpse_263762_authenticate( $user, $username, $password ) {
//* Check if the user has the pending role
if( ! is_wp_error( $user ) && in_array( 'pending', $user->roles ) ) {
//* Throw an error
$error = new WP_Error();
$errorMessage = __( 'Your error message goes here.' );
$error->add( 401, $errorMessage );
return $error;
}
//* Or return the user
return $user;
}
Related Posts:
- Separate registration and login for different roles
- Disallow user from editing their own profile information
- Restricting frontend acess based on user role otherwise redirect to login form
- Private page protected with username and password
- How to integrate external user tables with WP?
- Allow Users Only Edit Their Profile?
- Set Default User Role
- Lock out all WordPress Administrators except two specific users
- Generate email on meta value update
- WordPress Login redirection according to user role
- Prevent Subscriber Role to login
- Can I protect a type of content site-wide with a single password?
- Login Based on ip
- URL Restrictions? Need only people who are logged in AND have a specific role (or roles) to access all pages for a site
- Custom failed login error messages for users based on user role?
- Custom user roles are unable to login
- In Django, how do I know the currently logged-in user?
- Can I programmatically login a user without a password?
- Can’t log in: “ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.”
- Is there any way to rename or hide wp-login.php?
- How to login with email only no username?
- How can I redirect user after entering wrong password?
- Increase of failed login attempts, brute force attacks? [closed]
- Login page ERROR: Cookies are blocked due to unexpected output
- SSO / authentication integration with external ‘directory service’
- Preventing session timeout
- How reduce wordpress login session timeout time?
- How to prefill WordPress registration with social details
- Check for correct username on custom login form
- I can’t access my site via wp-admin
- ‘Password field is empty’ error when using autofill in Chrome
- Removing username from the ‘wordpress_logged_in’ cookie
- How to show ‘login error’ and ‘lost password’ on my template page?
- What is $interim_login?
- Custom login form
- How to prefill the username/password fields on the login page
- wp_signon returns user, but the user is not logged in
- Adding extra authentication field in login page
- Prevent wp_login_form() from redirecting to wp-admin when there are errors
- Redirect user using the ‘wp_login_failed’ action hook if the error is ’empty_username’ or ’empty_password’
- wp_signon() does not authenticate user guidance needed
- What exactly is ReAuth?
- What are the differences between wp_users and wp_usermeta tables?
- Login members using web services
- Make my wordpress blog remember my login “forever”
- How to check in timber if user is loggedin?
- How do I change the language of only the login page?
- Disable WordPress 3.6 idle logout / login modal window / session expiration
- Stop WordPress from logging me out (need to keep me logged in)
- Woocommerce registration page [closed]
- How to disable autocomplete on the wp-login.php page
- Share login data/cookies between multiple installations
- Synchronize WordPress user accounts across multiple domains and installations without using WordPress MU
- How to pass users back and forth using session data?
- How do I change the logo on the login page?
- Why does WordPress hide the reset password key from the URL?
- Is it possible to sign in with user_email in WordPress?
- How to use current_user_can()?
- Avoid to load default WP styles in login screen
- WordPress registration message
- How to fake a WordPress login?
- how to display the wordpress login and register forms on a page?
- Does wp_logout_url() destroy a session? (Logging out question)
- How can I send a welcome email to a user AFTER they login for the first time?
- Can not login with correct username and password
- Website Visible only to Registered users
- How can i increase the login expiration length?
- How do I use add_action from a class method?
- How to remove the WordPress logo from login and register page?
- How can I add a custom script to footer of login page?
- Brute force attack?
- Customize wp_new_user_notification_email()
- Need to execute a cron job
- Login email after registration never sent or received
- How can I create a separate blog that is private?
- How to keep always logged in development environment
- Add Confirm Password field in wp-login.php Password Reset page
- Integrate recaptcha and wp_signon – what is needed?
- Stop users from logging in from multiple locations
- I want to disable E-Mail verifcation / activation when a user signs up for my WordPress site
- custom login page redirect to logged in user profile page
- Email address or username used to login in wordpress
- How do I check if a post is private?
- Front-end login: Redirect user to the post they had created
- Receiving “This content cannot be displayed in a frame” error on login page
- My login form does not work
- Programmatically log in a wordpress user
- Action wp_login_failed not working if only one field is filled out
- Getting “Cookies are blocked or not supported by your browser” on login page
- What is the purpose of logging out after WordPress upgrade?
- Is it alright for two people to simultaneously be logged into a WP site as administrator?
- wp-login.php redirecting to HTTPS
- Display last login time
- How to customise wp-login.php only for users who are setting a password for the first time?
- Intentionally Force Failed Login WordPress
- How do I turn off the ability to login?
- Gaining Login Access via the Database
- How can I test the login for an expired session?
- Give visitor access to password protected page/post via external script
- Send reset password link to user from custom lost password form