Solution:
Having your WordPress website in a subdirectory will have no impact on what you are trying to do. Why? Because WordPress knows where it’s located at, as you set the home and site URLs either in your wp-config.php file like this:
define('WP_HOME','http://example.com/blog');
define('WP_SITEURL','http://example.com/blog');
or by setting both in the Settings > General admin page:
Therefore, all of the rewrites and URLs will be relative to these URLs.
When someone comes to one of the pages on your site, you want to capture that original request and add it as a redirect_to= query arg. Then you can send them to the login page.
add_action( 'wp', 'redirect_to_login_if_unauthorized', 3 );
/**
* Redirect the user to the login, but capture the original
* referer and add to the query arg.
*
* @since 1.0.0
*
* @param WP $wp_environment Current WordPress environment instance (passed by reference).
*
* @return void
*/
function redirect_to_login_if_unauthorized( WP $wp_environment ) {
if ( is_user_logged_in() ) {
return;
}
if ( $wp_environment->request ) {
$request = home_url( add_query_arg( array(), $wp_environment->request ) );
} else {
$request = home_url();
}
$redirect = home_url() . '/wp-login.php?redirect_to=' . $request;
wp_redirect( $redirect );
die();
}
The event wp fires in wp-includes/class-wp.php. It passes the object instance of the WordPress environment setup. Here is the code from WordPress Core:
do_action_ref_array( 'wp', array( &$this ) );
This environment object has a property that we want called request. That property has the URL request (minus the blog’s home URL).
If the $wp_environment->request has a value, we’ll add it to the home URL as a query arg; else, we just want the home URL. Now we have the referer.
Next, you create the redirect URL, which has the path to the login page and the redirect_to query arg.
Let’s say you have a post called Why I Love WordPress and the path to that post is http://example.com/blog/why-i-love-wordpress.
The value in the $request would be:
http://example.com/blog/why-i-love-wordpress
and the redirect URL would be:
http://example.com/blog/wp-login.php?redirect_to=http://example.com/why-i-love-wordpress
Upon logging in, the user is then redirected to the original page request.
You’ll want to think about the pathing after a user logs out and then build a proper request to it too.