Wordpress - Password protect a custom post type programmatically

functions.php

<?php
/**
 * Password protects a custom post type programmatically.
 *
 * @param $post
 */
add_action( 'the_post', function( $post ){
	if ( $post->post_type != 'post' ) {
		return;
	}	
	$post->post_password = 'your_password';
} );
?>

I just updated the gist.

All you need to do is add this code on your functions.php or in your plugin code and replace the 'post' by your post type slug.
Let me know if it works ;)

Hi,
i have implemented the code in plugin when i published the post and then go to view it shows the CPT and below the message "This content is password protected. To view it please enter your password below". The CPT should be hide until enter password.

Hum, that's odd. I just tried on my end and it works.
Maybe it's a problem with your theme. Try to switch it to Storefront theme for example and check again

Hi ,
I have simple twenty twelve theme, Did you try with custom post type? I have custom post type.

I'm using WooCommerce and I've tried to use the custom post type 'product' and it works just fine.
When I go view the product, the first thing it shows is the password field and I can see no content from the product at all

Hi,
I am trying different ways lets see, anyway thanks a lot

Thank you so much!!

;)

Write the password directly in the code?
How about letting the user set/change password as pages/posts?

Hi @arthurclouds ,

How about letting the user set/change password as pages/posts?

In that case, I believe there wouldn't be necessary to add any code, as this is the default WordPress mechanism when you set a page/post visibility as "Password protected".

Thanks pablo, works great and super useful - we were looking for keeping the same password for all posts to simplify for users and this makes it very easy and programmable.

Amazingly simple approach for restricted content. Saved us adding a bloaty plugin. Instead it's 40 lines of code to lock down some post types and categories. Thanks!

        add_action('the_post', function ($post) {
            // These could optionally be set via custom fields/ACF
            $protected_post_types = [
                'resources' => 'resources_pass',
                'post_type_2' => 'pass2',
            ];

            $protected_categories = [
                'guides' => 'pass2343',
            ];

            if (! is_singular()) {
                return;
            }

            // Check post type protection
            if (isset($protected_post_types[$post->post_type])) {
                $post->post_password = $protected_post_types[$post->post_type];

                return;
            }

            // Check category protection
            $post_categories = get_the_category($post->ID);
            foreach ($post_categories as $cat) {
                if (isset($protected_categories[$cat->slug])) {
                    $post->post_password = $protected_categories[$cat->slug];

                    return;
                }
            }
        });

Hi @jerome-toole,

can you please explain a little better how I can use your code to protect a CPT archive and also my single CPT?

Do I have to assign a category for all my custom posts so that they are protected?
And where do I enter my CPT slug in your code? And where do I enter the password?

Thanks for your advice!

I tried the code from Pablo dos Santos above, but unfortunately it doesn't work for me. My CPT archive is still visible to everyone.

Hi @Moriaani,

The code in this gist is specifically aimed at singular posts and takes advantage of the standard post password feature in WordPress.

Setting this up for archives is a bit more complicated because WordPress doesn't support passwords on those routes out of the box.

You could try asking an AI to rework this code it for post type archives.

Hi @jerome-toole

thanks for your response!
It would help me a lot if I could at least save the singular posts of my CPT with it. I'll take care of the archives later.

But what exactly do I have to do to get this code running for my singular posts?

So I ask the question again:
Do I have to assign a category for all my custom posts so that they are protected?
And where do I enter my CPT slug in your code? And where do I enter the password?

For example line 4 and 5:
'resources' => 'resources_pass', 'post_type_2' => 'pass2',
What exactly do I enter here?
Must the unencrypted password be entered here?

And what does this mean?
'guides' => 'pass2343',

Thanks for your advice!!

@Moriaani. Ok, for your single posts, my code was broken up into two sections, one array for Post Types and one for Categories.

In both arrays, the key (on the left) is the name for the PT or Term, and the value is the password in plain text.

            $protected_post_types = [
                'post_type_name' => 'the_password',
                'pt_name_2' => 'password_2',
            ];

            $protected_categories = [
                'guides' => 'password',
                'recipes' => 'password',
                'news' => 'password',
            ];

So in answer to your question:

• in my current setup, you can either lock down all posts from a particular CPT ($protected_post_types) or you can lock down posts that are in a particular category ($protected_categories).
• You enter the unencrypted password on the right.
• 'guides' was an example of a category term name.

Of course, you could extend this logic to work for any taxonomy or any other post metadata.

Jerome

Thank you sooo much, @jerome-toole

Works like a charm 👍🙂