前言介紹
- 這款 WordPress 外掛「SUC – same user credentials」是 2024-05-23 上架。
- 目前尚無安裝啟用數,是個很新的外掛。如有要安裝使用,建議多測試確保功能沒問題!
- 上一次更新是 2024-05-24,距離現在已有 345 天。
- 外掛最低要求 WordPress 6.0 以上版本才可以安裝。
- 外掛要求網站主機運作至少需要 PHP 版本 7.4 以上。
- 尚未有人給過這款外掛評分。
- 還沒有人在論壇上發問,可能目前使用數不多,還沒有什麼大問題。
外掛協作開發者
外掛標籤
Users Sync | share login | authentication | multisite user |
內容簡介
外掛總結:
- 這個外掛能將使用者與主要網站同步,使您可以使用相同的憑據訪問所有安裝了外掛的網站。
常見問題:
- Q: 如何設定一個網站為伺服器並使其他網站設置為客戶端?
- A: 一個網站必須作為伺服器設定,其他網站必須作為客戶端設定。
- Q: 當在客戶端網站上按下恢復密碼時發生什麼情況?
- A: 您將被重新導向到伺服器網站以恢復密碼,完成後可以返回客戶端網站進行登錄。
- Q: 如何自訂同步哪些使用者和角色?
- A: 您可以透過特別創建的過濾器和鉤子,選擇要同步的用戶和角色。
原文外掛簡介
The plugin synchronizes users with a main site, allowing you to access all sites where the plugin is installed with the same credentials.
One website must be configured as a server, while the other sites must be configured as clients.
Users registered on the server site can now access client sites using the same login credentials.
In the client site, if the user does not exist, a new user is created with the data coming from the server. You can customize the data to be saved on the client site through several hooks described later.
If the user already exists (checks the username) then the plugin updates the user information.
If the user exists on the client, but not on the server, the plugin blocks access by changing the password to the user saved on the client.
For security reasons the plugin does not synchronize administrators.
When you click on recover password from a client site you are redirected to the server site to recover your password. Once you have recovered the password you return to the client site login. When you try to register a user from a client site you are redirected to the server site to register the user.
If a user has logged in to a client site and logs in again through cookies, then without logging in again the system updates the user data with the server data once a day. If the user no longer exists on the server, he or she is logged out of the client site.
Client users are never deleted even if they are no longer present on the server.
Be careful if a user already exists on the client with the same email, but different user login, the user is not logged in.
Security
Communications take place via APIs protected through an encrypted token system. Usernames and passwords are never passed in clear text or through a basic authentication system.
Synchronizing administrators is not allowed, administrators must be managed locally.
Some user metadata is not passed because it is specific to the configuration of each individual site.
Logs
All operations are logged both on the client site and on the server.
Customizations
By default the plugin synchronizes all user except administrators. By default The plugin synchronizes all user data, roles, and metadata.
However, you can customize who and what to sync through many specially created filters and hooks.
First you may want to choose which users you want to sync and which you don’t. You can choose which user roles you want to sync. This way if the user has a certain role it will be synchronized, otherwise not. You can do this through the sucw-roles-exclude-all-sync-except filter placed in the client site.
apply_filters(‘sucw-roles-exclude-all-sync-except’, [‘subscriber’]);
(CLIENT) Excludes all roles from synchronization except those specified
This overrides the filter ‘sucw-roles-to-exclude-sync’!
param array $array_exclude the list of default roles [‘subscriber’]
since 1.0.0
Otherwise you can choose to sync all users except those who have a certain role.
apply_filters(‘sucw-roles-to-exclude-sync’, [‘administrator’])
(CLIENT) These are the roles that do not need to synchronize
If active The filter ‘sucw-roles-exclude-all-sync-except’ will be ignored
param array $array_exclude the list of default roles [‘administrator’]
since 1.0.0
The same role configuration entered in the client sites should be placed in the server site.
add_filter(‘sucw-roles-exclude-all-sync-except’, []);
(SERVER) Exclude all roles from synchronization except those specified
If active the ‘sucw-block-user-roles’ filter will be ignored
param array $array_exclude the list of default roles []
since 1.0.0
add_filter(‘sucw-block-user-roles’, [‘administrator’]);
(SERVER) If the user has one of the blocked roles I won’t let them through
var array $block_user_roles
return array
since 1.0.0
Below are the other filters and hooks you can use to customize your plugin configuration.
apply_filters(‘sucw-update-roles’, $roles)
(CLIENT) The list of roles to save in the user profile when creating or updating the user. if it is an empty array it does not update the roles.
since 1.0.0
do_action( ‘sucw-update-user’, $user_id, $user_data )
(CLIENT) It is called after updating or creating a user
param: int $user_id the user id
object $user_data user data
since 1.0.0
apply_filters(‘sucw-remote-args’, $args)
(CLIENT) These are the arguments for the client to call the server
param array $args Default [‘method’:’POST’, ‘timeout’:$timeout, ‘redirection’:2, ‘httpversion’:’1.0′, ‘blocking’:true, ‘headers’:$headers, ‘cookies’:[]]
since 1.0.0
apply_filters(‘sucw-remote-timeout’, 15)
(CLIENT) The server call times out
param int $timeout Default 15
since 1.0.0
apply_filters(‘sucw-allow-metadata’, true)
(CLIENT) Allows you to update metadata
param bool $allow_metadata Allows you to update metadata
if false it does not update the metadata, if it is an array it only updates the metadata present in the array
since 1.0.0
apply_filters(‘sucw_register_url’, $url)
(CLIENT) Manages the registration link
param string $url il link di default
since 1.0.0
apply_filters(‘sucw-lostpassword-url’, url)
(CLIENT) Manages lost password link
param string $url il link di default
since 1.0.0
apply_filters( ‘sucw-htaccess’, true )
(CLIENT) If the server uses htaccess or you need to make the call to the API via /?rest_route (false)
since 1.0.0
apply_filters(‘sucw-api-response’, $response, ‘login|check-user’)
(SERVER) The server’s response to the login client api call
param array $response [‘response_status’=>’ok’, ‘user’=>$user] | [‘response_status’=>’error’, ‘message’=>’…’]
param string $type login | check-user
since 1.0.0
apply_filters(‘sucw-log-limit’, 1000)
(SERVER & CLIENT) The number of logs to keep on both server and client
param int $log_limit Default 1000
since 1.0.0
TIPS & TRICKS
If the user misspells the password, it may appear as an error message that the user does not exist. To make the error messages more generic you can use the following code:
add_filter('login_errors', 'login_message', 10, 1);
function login_message($error ) {
if ($error != '') {
$error = "Incorrect username or password";
}
return $error;
}
To add a new role you need to create code like this on both the client and server sites
add_role('my_custom_role',
__( 'My Custom Role' ),
array( 'read' => true, 'read_private_posts' => true, )
);
Credits
Same user credentials as started in 2024 by Giulio Pandolfelli
Thanks to Ekebu for the supports.
各版本下載點
- 方法一:點下方版本號的連結下載 ZIP 檔案後,登入網站後台左側選單「外掛」的「安裝外掛」,然後選擇上方的「上傳外掛」,把下載回去的 ZIP 外掛打包檔案上傳上去安裝與啟用。
- 方法二:透過「安裝外掛」的畫面右方搜尋功能,搜尋外掛名稱「SUC – same user credentials」來進行安裝。
(建議使用方法二,確保安裝的版本符合當前運作的 WordPress 環境。
延伸相關外掛(你可能也想知道)
Multisite User Sync 》Multisite User Sync 可以自動同步使用者到 Multisite 中的所有網站。使用者的角色在每個網站中都是相同的,如果在一個網站中更改了角色,它也會同步到所有網...。
WPM User Sync 》「WPM User Sync」(實際上是 WordPress 多站點使用者同步)是一個外掛,讓您在使用多站點設置時,可以配置和自動化多個 WordPress 網站之間的使用者同步。您...。