stracker-phil/wp-dev-login.php

## wp-dev-login.php
<?php
/**
 * Passwordless login for development environments.
 *
 * Setup:
 * 1. Make sure that the "wp-contents/mu-plugins" folder exists. Create it if needed.
 * 2. Save this file as "wp-contents/mu-plugins/wp-dev-login.php"
 * 3. Check the conditions in line 29 - 30 and adjust them to your requirements.
 *
 * Once installed, all default WP login forms will display a dropdown list of all
 * users and NO password field. You can simply select a user from the dropdown list
 * and click "Login" to authenticate as that user. No password required.
 *
 * This mu-plugin should ONLY be used on local development environments, never on a
 * public site!!
 *
 * @package DevTools
 */

namespace WPDevLogin;

// phpcs:disable WordPress.Security.NonceVerification.Recommended
// phpcs:disable WordPress.Security.ValidatedSanitizedInput.MissingUnslash
// phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

// Only apply this script on *.local domains, when no ?use-password param is present.
if (
	isset( $_SERVER['HTTP_HOST'] )
	&& '.local' === substr( $_SERVER['HTTP_HOST'], -6 )
	&& ! isset( $_REQUEST['use-password'] )
) {
	add_action( 'login_form', __NAMESPACE__ . '\extend_form' );
	add_filter( 'authenticate', __NAMESPACE__ . '\fetch_user', 10, 2 );
}

// phpcs:enable

/**
 * Displays a list of available usernames in the login form.
 *
 * @since 1.0.0
 */
function extend_form() {
	global $wpdb;

	// phpcs:ignore
	$users = $wpdb->get_col( "SELECT ID FROM {$wpdb->users};" );

	$roles = [];
	foreach ( $users as $user_id ) {
		$user = get_user_by( 'id', $user_id );
		$role = reset( $user->roles );

		if ( ! isset( $roles[ $role ] ) ) {
			$roles[ $role ] = [];
		}
		$roles[ $role ][ $user_id ] = $user->user_login;
	}

	?>
	<div id="dev-user-choice" style="display:none">
		<select id="user_login" name="log" class="input">
		<?php
		foreach ( $roles as $role_name => $list ) {
			printf(
				'<optgroup label="%s">',
				esc_attr( ucwords( $role_name ) )
			);

			foreach ( $list as $user_id => $name ) {
				printf(
					'<option value="%1$s">%2$s</option>',
					(int) $user_id,
					esc_attr( $name )
				);
			}

			echo '</optgroup>';
		}
		?>
		</select>
	</div>
	<script>(function(){
		function initDev() {
			if (!window.jQuery) {
				window.setTimeout(initDev, 50);
				return;
			}

			var choice = jQuery('#dev-user-choice').detach().show();

			jQuery('.forgetmenot').remove();
			jQuery('.user-pass-wrap').remove();
			jQuery('[for="user_login"]').text('Development login with following user:');
			jQuery('input#user_login').replaceWith(choice);
		}
		initDev();
	})()</script>
	<?php
}

/**
 * Fetches a user object by user-ID and returns it.
 * No password check.
 *
 * @since 1.0.0
 * @param object $user     Empty default value.
 * @param string $username Username that identifies the login user.
 * @return WP_User
 */
function fetch_user( $user, $username ) {
	if ( $username && is_numeric( $username ) ) {
		$user = get_user_by( 'id', $username );
	}

	return $user;
}
	<?php
	/**
	* Passwordless login for development environments.
	*
	* Setup:
	* 1. Make sure that the "wp-contents/mu-plugins" folder exists. Create it if needed.
	* 2. Save this file as "wp-contents/mu-plugins/wp-dev-login.php"
	* 3. Check the conditions in line 29 - 30 and adjust them to your requirements.
	*
	* Once installed, all default WP login forms will display a dropdown list of all
	* users and NO password field. You can simply select a user from the dropdown list
	* and click "Login" to authenticate as that user. No password required.
	*
	* This mu-plugin should ONLY be used on local development environments, never on a
	* public site!!
	*
	* @package DevTools
	*/

	namespace WPDevLogin;

	// phpcs:disable WordPress.Security.NonceVerification.Recommended
	// phpcs:disable WordPress.Security.ValidatedSanitizedInput.MissingUnslash
	// phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

	// Only apply this script on *.local domains, when no ?use-password param is present.
	if (
	isset( $_SERVER['HTTP_HOST'] )
	&& '.local' === substr( $_SERVER['HTTP_HOST'], -6 )
	&& ! isset( $_REQUEST['use-password'] )
	) {
	add_action( 'login_form', __NAMESPACE__ . '\extend_form' );
	add_filter( 'authenticate', __NAMESPACE__ . '\fetch_user', 10, 2 );
	}

	// phpcs:enable

	/**
	* Displays a list of available usernames in the login form.
	*
	* @since 1.0.0
	*/
	function extend_form() {
	global $wpdb;

	// phpcs:ignore
	$users = $wpdb->get_col( "SELECT ID FROM {$wpdb->users};" );

	$roles = [];
	foreach ( $users as $user_id ) {
	$user = get_user_by( 'id', $user_id );
	$role = reset( $user->roles );

	if ( ! isset( $roles[ $role ] ) ) {
	$roles[ $role ] = [];
	}
	$roles[ $role ][ $user_id ] = $user->user_login;
	}

	?>
	<div id="dev-user-choice" style="display:none">
	<select id="user_login" name="log" class="input">
	<?php
	foreach ( $roles as $role_name => $list ) {
	printf(
	'<optgroup label="%s">',
	esc_attr( ucwords( $role_name ) )
	);

	foreach ( $list as $user_id => $name ) {
	printf(
	'<option value="%1$s">%2$s</option>',
	(int) $user_id,
	esc_attr( $name )
	);
	}

	echo '</optgroup>';
	}
	?>
	</select>
	</div>
	<script>(function(){
	function initDev() {
	if (!window.jQuery) {
	window.setTimeout(initDev, 50);
	return;
	}

	var choice = jQuery('#dev-user-choice').detach().show();

	jQuery('.forgetmenot').remove();
	jQuery('.user-pass-wrap').remove();
	jQuery('[for="user_login"]').text('Development login with following user:');
	jQuery('input#user_login').replaceWith(choice);
	}
	initDev();
	})()</script>
	<?php
	}

	/**
	* Fetches a user object by user-ID and returns it.
	* No password check.
	*
	* @since 1.0.0
	* @param object $user Empty default value.
	* @param string $username Username that identifies the login user.
	* @return WP_User
	*/
	function fetch_user( $user, $username ) {
	if ( $username && is_numeric( $username ) ) {
	$user = get_user_by( 'id', $username );
	}

	return $user;
	}