內容簡介
新的供應商和功能會不斷地增加!請參閱更改日誌瞭解詳情。
請注意,WP-OAuth仍然是一個尚未v1.0的版本,這意味着某些功能可能無法按預期運行,或者隨時可能更改。請將任何錯誤/問題報告給支援論壇,以便盡快修復。謝謝!
事實
由於許多網站現在提供會員身份,因此用戶可能會患上註冊疲勞,忘記他們的密碼,或者在幾個網站上使用相同的密碼,從而增加他們的安全風險。
56%的消費者至少擁有一個社交媒體賬號,可用於多個網站的會員註冊和登錄,而無需維護多個賬戶和密碼 (2013)。
40%的消費者目前使用社交登錄 (2012)。
特徵
從一開始就是免費、無限、無品牌和白標。沒有加價、沒有付款計劃、沒有SaaS、沒有代理身份驗證! WP-OAuth直接從您的WordPress網站與可信任的第三方登錄供應商通信而無需使用第三方OAuth庫。
WP-OAuth僅在WordPress數據庫中收集和存儲用戶的OAuth身份以供日後登錄使用,不收集或存儲任何其他用戶信息。
完全與WordPress集成。可以直接安裝到現有的WordPress網站中,並與現有的WordPress用戶集成。
支持通過OAuth 2.0 / OpenID Connect與Google、Facebook、LinkedIn、Github、Reddit、Windows Live、PayPal和Instagram進行第三方身份驗證。可以啟用或禁用提供程序。
如果在“設置”>“常規”>“會員身份設置”下啟用了“任何人都可以註冊”,則可以自動註冊用戶。
用戶可以通過標准的“個人資料”WordPress頁面管理其第三方登錄供應商。他們可以鏈接更多供應商,也可以取消現有供應商的鏈接。
當用戶登錄或注銷時,通過JavaScript向用戶顯示消息。也可以禁用此功能。
使用[wpoa_login_form]短碼,可以將自定義登錄表單添加到任何帖子或頁面上。從4種不同的佈局中進行選擇。詳情請參見安裝。
使用標誌或背景自定義默認登錄屏幕。將標誌URL指向您的主頁而不是WordPress.org。如果需要的話,隱藏默認的用戶名稱/密碼登錄表單。如果啟用任何供應商,則自動包含登錄按鈕。
支持使用cURL或流上下文進行身份驗證流程,這意味著插件應該與各種PHP服務器兼容。
身份驗證流程是從谷歌、Facebook和LinkedIn提供的代碼示例中適應的。它已經得到更新、嚴格測試和調試以實現堅實的錯誤處理。提供程序實現共享大量相同的代碼(非常高的代碼重用),並且已經完全記錄了提供程序之間的不同之處。
用戶體驗和啟動流程靈感源於StackExchange/StackOverflow登錄系統。
極輕量級、優化代碼庫,實現高性能。不需要第三方OAuth庫,一切都是內置在插件中的。以前,WP-OpenLogin需要使用LightOpenID和Facebook-PHP-SDK,但現在不再需要。保持膨脹低和性能高。使用P3插件分析器進行測試,WP-OAuth的插件開銷約為0.001秒,是6倍l
外掛標籤
開發者團隊
原文外掛簡介
New providers and features are being added regularly! See the Changelog for details.
As a reminder, WP-OAuth is a still a pre-v1.0 release, which means some features may not work as intended or might change over time. Please report any bugs/issues to the support forum so they can be fixed as soon as possible. Thank you!
Facts
With so many sites offering membership now, users may suffer registration fatigue and forget their passwords, or use the same password for several sites, increasing their security risk.
56% of consumers have at least one major social network profile they could be using for membership, registration and login purposes across multiple websites without having to maintain multiple accounts and passwords (2013).
40% of consumers currently utilize social login (2012).
Features
Free, unlimited, unbranded and white-labeled from the beginning. No upselling, no payment plans, no SaaS, no proxy authentication! WP-OAuth communicates from your WordPress site directly with the trusted third-party login providers.
WP-OAuth collects and stores ONLY the user’s OAuth identity in the WordPress database for future logins; no other user information is collected or stored.
Fully integrates with WordPress. Drops into existing WordPress sites and integrates with existing WordPress users.
Supports third-party authentication with Google, Facebook, LinkedIn, Github, Reddit, Windows Live, PayPal and Instagram via OAuth 2.0 / OpenID Connect. Providers can be enabled or disabled.
Automatic user registration if Anyone can register has been enabled under Settings > General > Membership.
Users can manage their third-party login providers via the standard “Your Profile” WordPress page. They may link more providers, or unlink existing providers.
Displays a message via Javascript to the user when they login or logout. This feature can also be disabled.
Add a custom login form to any post or page using the [wpoa_login_form] shortcode. Choose from 4 different layouts. See Installation for details.
Customize the default login screen with a logo or background. Point the logo URL to your home page instead of WordPress.org. Hide the default username/password login form if you want. Automatically include login buttons for any providers that are enabled.
Supports cURL or stream context for the authentication flow, meaning the plugin should be compatible with a wide range of PHP servers.
The authentication flow was adapted from code samples provided by Google, Facebook and LinkedIn. It has been updated, rigorously tested and debugged for solid error handling. Provider implementations share much of the same code (very high code re-use) and the differences between the providers have been fully documented.
The user experience and on-boarding process was inspired by StackExchange/StackOverflow login system.
Extremely light-weight, optimized code base for high performance. Doesn’t require third-party OAuth libraries; everything is built first-class into the plugin. Previously, WP-OpenLogin required LightOpenID and Facebook-PHP-SDK, but this is no longer necessary. Keeps the bloat low and the performance high. Tested with P3 Plugin Profiler, WP-OAuth’s plugin overhead is around 0.001 seconds which is 6x less overhead than Akismet in the same run! That means there shouldn’t be a performance hit.
How to Contribute
Visit the GitHub development repository.
History
This project is a continuation of WP-OpenLogin which was originally developed with OpenID in mind. We’re moving on; OAuth 2.0 is now the standard.
