內容簡介
你正在尋找一個可以幫助你免去記憶 WordPress 管理介面密碼的解決方案嗎?
別擔心!我們已經為此建立了一個解決方案。安裝 WP One Tap Google Sign In(WP一鍵Google登錄)外掛程式並進行配置,然後你就完成了。
在 wp-onetapgsi 的根目錄中執行 composer install 指令,安裝所有必需的相依性。
該外掛程式需要最少的配置才能投入使用:
此外掛程式需要你的 Google 開發人員控制台中的 Oauth 2.0 客戶端 ID。
連結 - https://console.developers.google.com/apis/credentials
外掛標籤
開發者團隊
原文外掛簡介
WP One Tap Google Sign In adds Google One Tap authentication to WordPress. It helps site owners offer a faster, passwordless login experience while keeping authentication tied to existing WordPress user accounts.
When a visitor signs in with Google, the plugin verifies the Google ID token server-side, checks the configured OAuth client ID, confirms the Google email is verified, and then signs in the matching WordPress user. The plugin also supports site-wide display for logged-out visitors, a customizable companion message block, and direct Google account linking from WordPress user profiles.
Key Features
Google One Tap prompt on the WordPress login screen.
Optional site-wide One Tap prompt for logged-out visitors.
Server-side Google ID token verification with WordPress HTTP APIs.
Existing-user login only by default.
Google account linking and disconnect controls on WordPress user profiles.
Automatic account-link migration after a successful verified email login.
Admin activity log for successful logins, failed attempts, account linking, and unlinking events.
Salted hashes for IP addresses and Google account identifiers in the activity log.
Optional custom message block with image, title, and formatted content.
WordPress 7.0-ready metadata with PHP 8.1, 8.2, and 8.3 compatibility.
Security Approach
The plugin uses WordPress nonces for AJAX requests, sanitizes all incoming data, escapes admin output, and validates the Google token audience against the configured OAuth client ID. It does not create new users automatically. A Google login succeeds only when the verified Google account maps to an existing WordPress user.
Privacy
The activity log stores the Google email address used during an event, the WordPress user ID when available, event status, event reason, user agent, and salted hashes of the request IP address and Google account identifier. Activity records older than 90 days are pruned automatically when new events are logged.
Configuration
Create a Google OAuth Client ID
Open the Google Cloud Console credentials page:
https://console.developers.google.com/apis/credentials
Create an OAuth 2.0 Client ID.
Choose Web application as the application type.
Add your WordPress site’s authorized JavaScript origin.
Copy the client ID into Settings > One Tap GSI.
Link a WordPress User to Google
Open Users > Profile for your own account, or edit another user if your role allows it.
Find the Google One Tap Sign-In section.
Use the Google button to link a verified Google account.
To disconnect, check Disconnect this Google account and save the profile.
Customize the Message Block
Go to Settings > One Tap GSI.
Enable the custom message block.
Choose an image from the Media Library or enter an image URL.
Add a short title and supporting formatted content.
Save the settings.
