Last active
September 18, 2020 11:13
-
-
Save stracker-phil/2355a8a2eaa962310e5055cbbe93293e to your computer and use it in GitHub Desktop.
Small MU-Plugin that disables passwords on local development sites. Once installed, you can select a user from a dropdown list and log-in with a single click. ONLY FOR LOCAL DEV-SITES! NEVER USE THIS ON A PUBLIC SITE!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Passwordless login for development environments. | |
* | |
* Setup: | |
* 1. Make sure that the "wp-contents/mu-plugins" folder exists. Create it if needed. | |
* 2. Save this file as "wp-contents/mu-plugins/wp-dev-login.php" | |
* 3. Check the conditions in line 29 - 30 and adjust them to your requirements. | |
* | |
* Once installed, all default WP login forms will display a dropdown list of all | |
* users and NO password field. You can simply select a user from the dropdown list | |
* and click "Login" to authenticate as that user. No password required. | |
* | |
* This mu-plugin should ONLY be used on local development environments, never on a | |
* public site!! | |
* | |
* @package DevTools | |
*/ | |
namespace WPDevLogin; | |
// phpcs:disable WordPress.Security.NonceVerification.Recommended | |
// phpcs:disable WordPress.Security.ValidatedSanitizedInput.MissingUnslash | |
// phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotSanitized | |
// Only apply this script on *.local domains, when no ?use-password param is present. | |
if ( | |
isset( $_SERVER['HTTP_HOST'] ) | |
&& '.local' === substr( $_SERVER['HTTP_HOST'], -6 ) | |
&& ! isset( $_REQUEST['use-password'] ) | |
) { | |
add_action( 'login_form', __NAMESPACE__ . '\extend_form' ); | |
add_filter( 'authenticate', __NAMESPACE__ . '\fetch_user', 10, 2 ); | |
} | |
// phpcs:enable | |
/** | |
* Displays a list of available usernames in the login form. | |
* | |
* @since 1.0.0 | |
*/ | |
function extend_form() { | |
global $wpdb; | |
// phpcs:ignore | |
$users = $wpdb->get_col( "SELECT ID FROM {$wpdb->users};" ); | |
$roles = []; | |
foreach ( $users as $user_id ) { | |
$user = get_user_by( 'id', $user_id ); | |
$role = reset( $user->roles ); | |
if ( ! isset( $roles[ $role ] ) ) { | |
$roles[ $role ] = []; | |
} | |
$roles[ $role ][ $user_id ] = $user->user_login; | |
} | |
?> | |
<div id="dev-user-choice" style="display:none"> | |
<select id="user_login" name="log" class="input"> | |
<?php | |
foreach ( $roles as $role_name => $list ) { | |
printf( | |
'<optgroup label="%s">', | |
esc_attr( ucwords( $role_name ) ) | |
); | |
foreach ( $list as $user_id => $name ) { | |
printf( | |
'<option value="%1$s">%2$s</option>', | |
(int) $user_id, | |
esc_attr( $name ) | |
); | |
} | |
echo '</optgroup>'; | |
} | |
?> | |
</select> | |
</div> | |
<script>(function(){ | |
function initDev() { | |
if (!window.jQuery) { | |
window.setTimeout(initDev, 50); | |
return; | |
} | |
var choice = jQuery('#dev-user-choice').detach().show(); | |
jQuery('.forgetmenot').remove(); | |
jQuery('.user-pass-wrap').remove(); | |
jQuery('[for="user_login"]').text('Development login with following user:'); | |
jQuery('input#user_login').replaceWith(choice); | |
} | |
initDev(); | |
})()</script> | |
<?php | |
} | |
/** | |
* Fetches a user object by user-ID and returns it. | |
* No password check. | |
* | |
* @since 1.0.0 | |
* @param object $user Empty default value. | |
* @param string $username Username that identifies the login user. | |
* @return WP_User | |
*/ | |
function fetch_user( $user, $username ) { | |
if ( $username && is_numeric( $username ) ) { | |
$user = get_user_by( 'id', $username ); | |
} | |
return $user; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Screenshot of the login form: