I am speculating here after reviewing your logic/comments above, yet let’s try as follows
Possible issue:
During login, although you are setting the auth cookie, you are not setting the current user and this is potentially the cause of the break-down upon logout due to is_user_logged_in
returning a false-positive/negative result.
Possible resolution:
In your validation-room.php
add a call to wp_set_current_user
, as when entering your callback mb_page_redirects
on the template_redirect
hook, you are relying on is_user_logged_in
to function correctly, which itself checks the state of the global $current_user
variable.
Under the hood is_user_logged_in
calls wp_get_current_user
which calls _wp_get_current_user
which fires a filter determine_current_user
that calls two internal callbacks wp_validate_auth_cookie
and wp_validate_logged_in_cookie
.
It is possible that the initial improper validation and later subsequent calls to wp_logout
and wp_set_current_user
are somehow causing an issue.
$mb_field_room = ( isset( $_POST[ 'mb_field_login' ] ) ? $_POST['mb_field_login'] : null );
if( $mb_field_room || wp_verify_nonce( $mb_field_room, 'mb_action_login' ) || !empty($mb_field_room) ) {
$mb_meeting_log = isset($_POST['log']) ? $_POST['log'] : null;
$mb_meeting_pwd = isset($_POST['pwd']) && $_POST['pwd'] == '{mb_login_password}' ? 'password' : null;
$user = get_user_by('login', $mb_meeting_log);
wp_clear_auth_cookie(); // let's be sure about it...
wp_set_auth_cookie( $user->ID, true, true );
wp_set_current_user( $user->ID, $user->user_login );
}