Description
Need access to a WordPress install but don’t want to create a new user account? Use this plugin to generate one-time login URLs for any existing user.
Then, copy the URL, paste it into your web browser, and… voila!
Because they are one-time login URLs, they will only work once. If you need access again, you’ll need to run the WP-CLI command again.
Using WP CLI to generate OTT URLs
Example
wp plugin install one-time-login --activate && wp user one-time-login <user> --count=3 --delay-delete
After you run the command above, you’ll see a success message like this:
http://wpdev.test/wp-login.php?user_id=2&one_time_login_token=93974b48e3a418b895fc7ca476f1a607d8b99345
Or like this if you asked for more than one:
http://wpdev.test/wp-login.php?user_id=1&one_time_login_token=2b9c6f5d71d51d530e397ee9da3b50e4e3dd06e7
http://wpdev.test/wp-login.php?user_id=1&one_time_login_token=90897da439a116c613fc1c49c372e6b1f7c72ad8
http://wpdev.test/wp-login.php?user_id=1&one_time_login_token=68c8074743de849db606500c3caa39a7432dc601<h3>Parameters</h3>
* count: Generate more than one login token (default: 1);
* delay-delete: Delete existing tokens after 15 minutes, instead of immediately.
Using WP API to generate OTT URLs
Example with cUrl
curl -X POST \
http://wpdev.test/wp-json/one-time-login/v1/token
-H 'authorization: Basic YWRtaW46eFRQeUJ5c3hEckhkY3BNYjE2endiQ2tj'
-H 'cache-control: no-cache'
-H 'postman-token: 8dcfa79a-401a-2c7d-c593-703e683ce785'
-d '{
"user":"admin",
"count": 3,
"delay-delete": true
}'<h3>Parameters</h3>
Just as with WP CLI, you can add the count and delay_delete parameters to your call.
Feel free to file issues and pull requests against the project on Github.
Installation
See description for installation and usage instructions.
Reviews
Contributors & Developers
“One Time Login” is open source software. The following people have contributed to this plugin.
ContributorsTranslate “One Time Login” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
0.4.0 (August 30th, 2021)
- Introduces
one-time-login/v1/token
WP REST API endpoint to generate tokens [#28].
0.3.1 (June 1st, 2021)
- Fires
one_time_login_after_auth_cookie_set
action after the auth cookie is set [#27].
0.3.0 (May 24th, 2018)
- Introduces
--delay-delete
flag to delete old tokens after 15 minutes instead of immediately. - Improves invalid token message when user is already logged in: “Invalid one-time login token, but you are logged in as ‘user_login’. Go to the dashboard instead?”.
0.2.0 (May 3rd, 2018)
- Introduces support for multiple one-time login links.
- Links to the login screen from the “Invalid token” error message.
0.1.2 (June 11th, 2016)
- Fires
one_time_login_created
action when login URL is created, andone_time_login_logged_in
action when user is logged in via one-time login URL.
0.1.1 (May 26th, 2016)
- Bug fix: Pass
$assoc_args
into the command to ensure the--porcelain
flag actually works.
0.1.0 (April 28th, 2016)
- Initial release.