In this article, we will learn how to install a useful feature on your WordPress site that can make logging in more convenient. This feature is designed for WordPress sites that offer a generic account for users to log in to. For example, on many backend WordPress demos, the author will create a ‘demo’ account for prospective customers to log in and play with their product. However, displaying the username and password on the login page can look unprofessional. Therefore, we will show you how to create a one-click login link that can be dropped into your theme’s functions file or put in its own plugin file and activated.
Before we begin, it is important to note that this feature should only be used for generic accounts and not for accounts with real power, such as Administrator or Editor accounts. Use this snippet carefully.
To get started, we will provide you with the complete, annotated code first:
/*
Plugin Name: Auto Login
Plugin URI: http://hbt.io/
Version: 1.0.0
Author: Harri Bell-Thomas
Author URI: http://hbt.io/
*/
function autologin() {
// PARAMETER TO CHECK FOR
if ($_GET[‘autologin’] == ‘demo’) {
// ACCOUNT USERNAME TO LOGIN TO
$creds[‘user_login’] = ‘demo’;
// ACCOUNT PASSWORD TO USE
$creds[‘user_password’] = ‘demo’;
$creds[‘remember’] = true;
$autologin_user = wp_signon( $creds, false );
if ( !is_wp_error($autologin_user) )
header(‘Location: wp-admin’); // LOCATION TO REDIRECT TO
}
}
// ADD CODE JUST BEFORE HEADERS AND COOKIES ARE SENT
add_action( ‘after_setup_theme’, ‘autologin’ );
The above code has been styled in the form of a standalone plugin. To use this feature, you need to specify the account username and password in the plugin file. To log in, simply visit http://example.com/wp-login.php?autologin=demo. You will be redirected to wp-admin, logged into the account specified. If the credentials are incorrect, you will see the login form as usual.
To customize this feature, you only need to edit three things in the following code block:
if ($_GET[‘login’] == ‘dummy_account’) {
// ACCOUNT USERNAME TO LOGIN TO
$creds[‘user_login’] = ‘dummy’;
// ACCOUNT PASSWORD TO USE
$creds[‘user_password’] = ‘pa55word’;
On the first line, you will see the conditional checking for the URL parameter. The above code block will be checking for wp-login.php?login=dummy_account. These values can be whatever you want, but avoid using original WordPress parameters such as ‘loggedout’, ‘action’, and ‘redirect_to’. Line 4 is where you specify the username to log in with, and line 7 is where you specify the password.
If you want to set up auto-login links for different accounts, you can use the following code:
/*
Plugin Name: Auto Login
Plugin URI: http://hbt.io/
Description: Create convenient auto-login links to quickly login to generic accounts. Configure source code to make changes.
Version: 1.0.0
Author: Harri Bell-Thomas
Author URI: http://hbt.io/
*/
// Declare global var’s
global $login_parameter, $accounts;
// THE PARAMETER TO CHECK FOR
// eg. http://exmaple.com/wp-login.php?param_name=account
$login_parameter = “autologin”;
// ACCOUNT CODE BLOCK
$accounts[] = array(
“user” => “demo”,
“pass” => “demo”,
“location” => “wp-admin”,
);
// END ACCOUNT CODE BLOCK
// EDIT AND REPEAT CODE BLOCK FOR AS MANY ACCOUNTS AS NEEDED
// Another example iteration
$accounts[] = array(
“user” => “tcwp”,
“pass” => “demo”,
“location” => “wp-admin/?tcwp-sent-me”,
);
// SEE PREVIOUS EXAMPLE FOR DETAILS ABOUT THIS FUNCTION
function autologin() {
global $login_parameter, $accounts;
foreach ($accounts as $account) {
if ($_GET[$login_parameter] == $account[‘user’]) {
$creds[‘user_login’] = $account[‘user’];
$creds[‘user_password’] = $account[‘pass’];
$creds[‘remember’] = true;
$autologin_user = wp_signon( $creds, false );
if ( !is_wp_error($autologin_user) )
header(‘Location: ‘ . $account[‘location’]);
}
}
}
add_action( ‘after_setup_theme’, ‘autologin’ );
This code uses a foreach loop plus accounts array to set up auto-login links for different accounts. All relevant details are stored in the global array. To add additional accounts, customize and add as many code blocks as needed.
In conclusion, this feature is designed for lightweight usage, such as on a product demo site, but can be used for more complex login scenarios. If you have any questions or feedback, leave a comment below or tweet us.
