A Radiate framework package to allow users to login with a link.
This simple package generates temporary login URLs that allow a user to login without a password.
composer require radiate/passwordlessRegister the service provider in your functions.php file:
$app->register(Radiate\Passwordless\PasswordlessServiceProvider::class);By default the package generates a REST API endpoint at /wp-json/passwordless/login but you are free to change this in the passwordless config.
wp radiate vendor:publish --tag=passwordlessYou can add the PasswordlessLogin trait to your User model:
<?php
namespace Plugin\Models;
use Radiate\Database\Models\User as Model;
use Radiate\Passwordless\Traits\PasswordlessLogin;
class User extends Model
{
use PasswordlessLogin;
}This provides a getPasswordlessLink method. The method will generate a link for the user to login without a password.
<?php
// Redirect defaults to wp-admin.php
// expiry defaults to 5 minutes
$link = $user->getPasswordlessLink($redirect, $expiry);If you prefer, you can use the PasswordlessLogin facade to generate the URL:
<?php
use Radiate\Passwordless\Facades\PasswordlessLogin;
$link = PasswordlessLogin::forUser($user)
->redirectTo('/')
->expiresIn(1 * MINUTE_IN_SECONDS)
->generate();
Temporary URLs are safe from tampering HOWEVER if someone gives the link to someone else, then their entire account is compromised. Use passwordless URLs with caution.