Skip to content

Instantly share code, notes, and snippets.

@verygoodplugins
Last active April 25, 2023 12:18
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save verygoodplugins/4e636fc0e8c68b0d30b42bf8c840290c to your computer and use it in GitHub Desktop.
Save verygoodplugins/4e636fc0e8c68b0d30b42bf8c840290c to your computer and use it in GitHub Desktop.
Allow a true auto-login via a link with a contact ID in it.
<?php
// Disbale "Allow URL Login" in WP Fusion's settings for this to work properly.
/**
* True auto login. Format your URLs like: https://mysite.com/?cid=%CONTACTID%&email=%EMAILADDRESS%&key=%ACCESSKEY%
*
* Where %CONTACTID% is the ID of the contact
* %EMAIL% is the email address of the contact
* and %ACCESSKEY% is your access key from the bottom of the WP Fusion General settings tab
*/
function wpf_true_auto_login() {
if ( ! isset( $_GET['cid'] ) ) {
return;
}
if ( ! isset( $_GET['key'] ) || $_GET['key'] !== wpf_get_option( 'access_key' ) ) {
return; // verify the access key.
}
$contact_id = sanitize_text_field( $_GET['cid'] );
$user_id = wp_fusion()->user->get_user_id( $contact_id ); // look up the user ID.
if ( empty( $user_id ) || user_can( $user_id, 'manage_options' ) ) { // make sure they're a real user, and not an admin.
wp_die( 'Invalid user ID.' );
}
$user = get_user_by( 'id', $user_id );
if ( $user->user_email !== urldecode( $_GET['email'] ) ) {
wp_die( 'Invalid email.' ); // verify their email.
}
// Login.
wp_set_current_user( $user_id, $user->user_login );
wp_set_auth_cookie( $user_id );
do_action( 'wp_login', $user->user_login, $user );
}
add_action( 'after_setup_theme', 'wpf_true_auto_login' );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment