Automatically login a single WordPress user upon arrival to a specific page.

functions.php

<?php

/**
 * Automatically login a single WordPress user upon arrival to a specific page.
 *
 * Redirect to home page once logged in and prevent viewing of the login page.
 * Compatible with WordPress 3.9.1+
 * Updated 2014-07-18 to resolve WP_DEBUG notice: "get_userdatabylogin is deprecated since version 3.3! Use get_user_by('login') instead."
 * Updated 2019-07-09 to reformat code, pass 2nd parameter to `do_action()`, and hook into priority 1.
 *
 * @link https://gist.github.com/cliffordp/e8d1d9f732328ba360ad This snippet.
 * @link http://tourkick.com/2014/wordpress-demo-multisite-db-reset/ An article that uses this snippet.
 */
function auto_login() {
	// @TODO: change these 2 items
	$loginpageid   = '1234'; //Page ID of your login page
	$loginusername = 'demo'; //username of the WordPress user account to impersonate

	// get this username's ID
	$user = get_user_by( 'login', $loginusername );

	// only attempt to auto-login if at www.site.com/auto-login/ (i.e. www.site.com/?p=1234 ) and a user by that username was found
	if (
		! is_page( $loginpageid )
		|| ! $user instanceof WP_User
	) {
		return;
	}

	$user_id = $user->ID;

	// login as this user
	wp_set_current_user( $user_id, $loginusername );
	wp_set_auth_cookie( $user_id );
	do_action( 'wp_login', $loginusername, $user );

	// redirect to home page after logging in (i.e. don't show content of www.site.com/?p=1234 )
	wp_redirect( home_url() );
	exit;
}

add_action( 'wp', 'auto_login', 1 );

Does this work with External redirects?

I configured yii2 app with wp . i want to know how to integrate yii2 application login with wordpress login.....which mean if i am login into the yii2 application....then the Wordpress will automatically login.....plzzz hlp me

Hey, I've updated this slightly so that it works with things like WooCommerce: https://gist.github.com/faceonline/7a36f4f2ceea4c28ab47b88af942017f#file-wp-auto-login-single-user-php-L36

#23
do_action('wp_login', $loginusername);
should be
do_action('wp_login', $loginusername, $user);

#23
do_action('wp_login', $loginusername);
should be
do_action('wp_login', $loginusername, $user);

why it should be needed $user?

Wow. I never saw any of these comments until being notified of the latest. I'm glad several got benefit from this.

@faceonline, I added the priority 1 but didn't test.
@JanaLEE / @hassy008, I am now passing the 2nd parameter, as WordPress' calling of the 'wp_login' do_action() does - thanks for the suggestion.

I want know autologin in subdomain site after signup to main domain.
Could you tell me the way?
i tried your code
But i can not success

@beatific-angel I haven't tried and am uncertain how that'd work and the specifics of your setup. You'd have to get some custom coding help I imagine. Developers such as myself are available at Codeable: https://codeable.io/developers/clifford-paulick/?ref=ygTbj (affiliate link)

Hi @cliffordp Is it possible for registered WordPress users can Auto-login via a magic link, and redirect a specific page?

Inspiration:
https://loginpress.pro/
https://so.wordpress.org/plugins/simple-jwt-login/
https://viastudioplugins.com/plugin/magic-login-link

But those plugins don't have this:

[
Bulk Auto-login password generator for the users.
Import/Export option for Auto-login password.

Inspiration:
https://docs.wp301redirects.com/article/155-import-and-export-redirects
]

Or It would be great not to manually (one by one) generate the magic link. Every newly created user will have a magic link to log in to WordPress.

The magic link will not expire if the user comes back 100 years later.

Let me know what you think.

Thank you,
Amit

@Amit-Biswas Thanks for your detailed comment, but I'm unsure what you're wanting from me.

That .org one has a Yes/No setting called "Auto-Login Requires Auth Code", from one of its screenshots. Maybe that's what you're asking about?

Login ONLY via magic link is actually considered more secure than setting of passwords - basically it offloads the security to the email provider instead of your site. So if that's what you're wanting, it seems the resources you linked would be able to satisfy.

Let me know if you had something specific in mind for me.

Is this possible to have that kind of feature in a Bash script? Which bash will initiate and generate the login link for WordPress

#23
do_action('wp_login', $loginusername);
should be
do_action('wp_login', $loginusername, $user);

why it should be needed $user?

It is needed if you are working with woocommerce. I do get an error in woocommerce if I omit the $user.