Display a message on the login form when the user is pending activation

This example shows how the WordPress authenticate filter can be used to check if the user attempting to login is still pending activation so a custom message can be displayed instead of the standard unknown username or email message.

add_filter( 'authenticate', function ( $user_or_error, $username_or_email ) {
	// Abort if the user has already been authenticated or the UR add-on is not active.
	if ( $user_or_error instanceof WP_User || ! function_exists( 'gf_user_registration' ) ) {
		return $user_or_error;
	}

	// Abort if authentication failed for an unsupported reason.
	if ( is_wp_error( $user_or_error ) && ! in_array( $user_or_error->get_error_code(), array(
			'invalid_username',
			'invalid_email',
		) ) ) {
		return $user_or_error;
	}

	add_filter( 'gform_user_registration_pending_activation_expiration', 'authenticate_pending_activation_expiration' );
	$key        = strpos( $username_or_email, '@' ) ? 'user_email' : 'user_login';
	$is_pending = gf_user_registration()->pending_activation_exists( $key, $username_or_email );
	remove_filter( 'gform_user_registration_pending_activation_expiration', 'authenticate_pending_activation_expiration' );

	// If there isn't a pending activation return the original error.
	if ( ! $is_pending ) {
		return $user_or_error;
	}

	$custom_error_message = 'Account is pending activation.';

	// If the UR login form is being used add the error to the first field.
	if ( isset( $_POST['gform_submit'] ) && absint( $_POST['gform_submit'] ) === 0 ) {
		$field                     = GFAPI::get_field( gf_user_registration()->login_form_object(), 1 );
		$field->failed_validation  = true;
		$field->validation_message = $custom_error_message;
	}

	return new WP_Error( 'pending_activation', $custom_error_message );
}, 30, 2 );

// Callback for the gform_user_registration_pending_activation_expiration hook.
// Prevents the pending activation being deleted by the pending_activation_exists() check if it is a few days old.
function authenticate_pending_activation_expiration() {
	return YEAR_IN_SECONDS;
}

This code snippet is compatible with both the standard WordPress login form and the login form included with the User Registration Add-On.

PHP based code snippets like this can be added to the theme functions.php file or a custom functions plugin.