You can do this using login_redirect
filter.
function my_login_redirect( $redirect_to, $request, $user ) {
global $user;
if ( isset( $user->roles ) && is_array( $user->roles ) ) {
//check for admins
if ( in_array( 'administrator', $user->roles ) ) {
// redirect them to the default place
//make wp-admin as your default place, if you customized it
return $redirect_to;
} else {
return home_url('/login/');
}
} else {
return $redirect_to;
}
}
add_filter( 'login_redirect', 'my_login_redirect', 10, 3 );
UPDATE
I am assuming that you are using wp_login_form
for the custom login page and already hooked to authenticate
to handle empty username and/or password issue.
We can use $_SERVER['HTTP_REFERER']
to check from where the request came from and redirect accodringly.
function wpse9845_my_awesome_login_fail( $username ) {
$referrer = $_SERVER['HTTP_REFERER']; // where did the post submission come from?
// if there's a valid referrer, and it's not the default wp-login.php ot wp-admin screen
if ( !empty($referrer) && !strstr($referrer,'wp-login') && !strstr($referrer,'wp-admin') ) {
wp_redirect( $referrer );
exit;
}
}
add_action( 'wp_login_failed', 'wpse9845_my_awesome_login_fail' );
There’s a bad side of the above code: $_SERVER['HTTP_REFERER']
is not supported by all user agent.
Note(from php.net): HTTP_REFERER
– The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER
as a feature. In short, it cannot really be trusted.
Best way to do this is using a completely custom login page/form, along with authentication. Here is a very good tutorial.