My Account 
Magic Login Pro v2.3.6 WordPress plugin
Magic Login Pro
The ultimate solution for password-free WordPress logins. Trusted by thousands, Magic Login Pro sends secure magic links directly to your email, making logins effortless and enhancing site accessibility. The simpler way to ensure a seamless user experience.
Features
Easy, secure, and passwordless authentication for WordPress.
Domain Restriction
Allow only certain domains to use the magic link.
IP Control
Enhance security by restricting users to log in from the same IP address that requested the link.
Brute Force Protection
Limit rate of login attempts and block IP temporarily.
Login Request Throttling
Limit login link generation for a certain period.
Login Redirect
Redirect users to a specific page right after login. You can also redirect different pages based on the user role.
WP-CLI Support
Use WP-CLI to create login links.
Installation & Configuration
The installation of Magic Login Pro is quite straightforward. Download the most recent version of the plugin from your account page, upload it to your WordPress website, and then activate it.
Once activated, you will see a warning for entering the license key. To enable auto-updates, enter your license key and activate it for your site.
That’s all! Now you can use Magic Login with pro features.
Use Magic Login as the Default Login Method?
By default, Magic Login doesn’t force your default login page to create login links. To change the default login behavior, you need to force Magic Login and use it as the default login method.
To redirect default login requests to the Magic Login page, enable the “Force Magic Login” option.
Brute Force Protection
Brute-force protection adds additional security mechanisms to limit login requests.
In the configuration above, the client will be blocked for an hour if they fail to log in 10 times within 5 minutes.
WooCommerce Integration
Magic Login offers a streamlined checkout experience for WooCommerce by allowing users to log in without a password. This enhances the user experience, especially for returning customers, by providing a quicker and more secure way to authenticate.
Simply enable the built-in integration and choose whether the Magic Login form is shown before or after the standard WooCommerce login form.
(If you’re using Elementor’s checkout widget, it functions differently from standard WooCommerce templates. In this case, you may need to add the Magic Login form for returning customers using a shortcode or block instead.)
Easy to Customize
By default, the form is hidden on the checkout page, similar to WooCommerce’s login form. If needed, you can customize this behavior using the magic_login_hide_on_woocommerce_login_form filter.
To further customize the shortcode, use the magic_login_shortcode_content_on_woocommerce_login_form filter to modify shortcode content.
Adding to “My Account” Page
The Magic Login WooCommerce integration doesn’t automatically add the login form to the “My Account” page. However, you can easily customize the page by manually adding the Magic Login shortcode where you’d like it to appear.
Alternatively, if you’re using custom WooCommerce templates, override the woocommerce/myaccount/form-login.php template and insert:
<?php echo do_shortcode( '[magic_login_form]' ); ?>Token Lifespan
Token lifespan determines the expiration time of the generated token. Expired tokens are deleted when the user attempts to log in or when WP-Cron runs a clean-up task.
For security, we recommend using a short token lifespan. The default setting is 5 minutes.
Magic Login 1.2+ allows setting token TTL to 0. In this case, token clean-up routines are bypassed, and the token lasts indefinitely.
Disable Magic Login for a Specific User
To disable Magic Login for a specific user:
- Navigate to the user profile.
- In their profile settings, find the option labeled “Disable Magic Login for this user.”
- Check the box next to this option.
- Click “Update User” to apply the changes.
Magic Login REST API
Use Magic Login with REST API for programmatic access to login links or sending login emails directly to users.
Authorization
Use “Basic Auth” as the authorization method by creating an application token within WordPress. The endpoint checks the edit_user capability. For example, an admin can request a login link for any user, while a subscriber can only request their own login link.
Add Login Form to a Page
You can add Magic Login to any page using a shortcode or block.
To use a block, type /magic-login/login-block in the block editor and customize the form.
Reset Tokens
Since login tokens have a specific lifetime and can only be used once, resetting them is rarely needed. However, if necessary, you can reset all login tokens on the settings page.
Auto Login Links
Auto Login Links integrate with all outgoing emails if there is a user associated with the recipient email address.
Exceptions:
- Emails with multiple recipients (including CC/BCC addresses).
- Excluded emails.
- If the user does not exist with the given email address.
Token Validity
Define how many times a token can be used with the “Token Validity” option (introduced in version 1.8). Setting the limit to 0 removes the restriction, but we don’t recommend this for security reasons.
Login Redirect
Specify a target URL for redirection after login.
Role-Based Redirection
Set different redirection URLs based on user roles. If no URL is defined for a role, the default URL is applied.
Shortcode
Use [magic_login_form] to display the login form anywhere on your website.
Login Email Customization
Magic Login Pro allows customization of login emails using placeholders like {{USERNAME}}, {{SITENAME}}, {{MAGIC_LINK}}, etc.
Login Request Throttling
Limit login URL generation within a specific time span.
IP Check
Verify that the IP address used for requesting a login link matches the one used during login.
Domain Restriction
Restrict Magic Login to specific domain addresses. Enter allowed domains line by line.
Spam Protection
Magic Login Pro integrates with reCAPTCHA and Cloudflare Turnstile to prevent spam.
How to Add Magic Login to Outgoing Emails?
Use the {{MAGIC_LINK}} placeholder in emails to include Magic Login links automatically.
Customize Default Messages
Modify plugin messages using Loco Translate or the gettext filter.
Dynamically Adjust Token TTL
Customize token TTL based on user roles using the magic_login_token_ttl_by_user filter.
How to Change Sender Details?
Use an SMTP plugin (e.g., WP Mail SMTP, FluentSMTP, or Post SMTP) to modify sender details.
Customizing Login Session Duration
Modify login session duration using the auth_cookie_expiration filter to improve security and user experience.
There are no reviews yet.