Beschrijving
The EthPress Web3 Login WordPress Plugin adds a capability to connect with cryptocurrency wallets such as MetaMask for Ethereum, Binance Smart Chain (BSC), Polygon (MATIC) or any other EVM-compatible blockchain, and wallets that support WalletConnect QR code. Adds a button to WordPress login screen that will let users securely log in with their crypto wallet.
Add the capability to log in with cryptocurrency wallets such as MetaMask for Ethereum, and wallets that support WalletConnect QR code. Adds a button to WordPress login screen that will let users securely log in with their crypto wallet.
In the background, a regular WordPress user account is created, so existing plugins and customizations will have no problem working along.
EthPress NFT Access Add-On can be used to control access for WooCommerce products, simple pages and posts.
Features
- A web3 login button is added to your login screen automatically
- Use the EthPress widget for maximum ease
- Alternatively, a shortcode [ethpress_login_button] can be used
- Local signature verification. To verify signatures locally with JavaScript, see this guide please.
- Managed Verification Service. PRO version required. Free 7 days Trial available!
- EthPress login button on a WooCommerce Login, Register and Checkout Forms. PRO version required. Free 7 days Trial available!
- The [ethpress_account] short code can be used to display the current user’s address logged with. PRO version required. Free 7 days Trial available!
- NFT Token based access control for WooCommerce products, simple pages and posts can be done with the EthPress NFT Access Add-On. Free 7 days Trial available!
Subscribe to this plugin’s support forum, I post feedback requests on the regular basis!
Disclaimer
By using this free plugin you accept all responsibility for handling the account balances for all your users.
Under no circumstances is ethereumico.io or any of its affiliates responsible for any damages incurred by the use of this plugin.
Every effort has been made to harden the security of this plugin, but its safe operation depends on your site being secure overall. You, the site administrator, must take all necessary precautions to secure your WordPress installation before you connect it to any live wallets.
You are strongly advised to take the following actions (at a minimum):
- Educate yourself about cold and hot cryptocurrency storage
- Obtain hardware wallet to store your coins
- Educate yourself about hardening WordPress security
- Install a security plugin such as Jetpack or any other security plugin
- Enable SSL on your site if you have not already done so.
By continuing to use the EthPress plugin, you indicate that you have understood and agreed to this disclaimer.
Hooks
These hooks can be used to add your custom logic after user logged in or linked an account using the EthPress plugin functionality.
The login_redirect
hook is a standard WordPress hook you can use to customize the page user should be redirected after login.
/**
* Fires after every login attempt.
*
* @param WP_User|WP_Error $user WP_User on success, WP_Error on failure.
* @param (string|false) $provider One of 'metamask', 'walletconnect', false.
*/
do_action( 'ethpress_login', $user, $provider );
/**
* Fires after every user account linking success.
*
* @param WP_User|WP_Error $user WP_User on success, WP_Error on failure.
* @param (string|false) $provider One of 'metamask', 'walletconnect', false.
*/
do_action( 'ethpress_linked', $user, $provider );
/**
* Filters the login redirect URL.
*
* @param string $redirect_to The redirect destination URL.
* @param string $requested_redirect_to The requested redirect destination URL passed as a parameter.
* @param WP_User|WP_Error $user WP_User object if login was successful, WP_Error object otherwise.
*/
$redirect_to = apply_filters( 'login_redirect', $redirect_to, $requested_redirect_to, $user );
Schermafdrukken
Installatie
Use WordPress’ Add New Plugin feature, search “EthPress”,
or
- Upload this folder (on WordPress.org, not GitLab) to the
/wp-content/plugins/
directory - Activate the plugin through the ‘Plugins’ menu in WordPress
FAQ
-
“Cannot log you in; you have not registered”
-
EthPress 0.7.1+ respects the “Anyone can register” WordPress setting, so you have to enable that in Settings->General.
-
The modal classes keep changing
-
Use selectors like
#web3-login-root button.web3login-metamask
, instead of thesvelte-12345
. -
How does it work?
-
The outline is described in this TopTal post by Amaury Martiny.
Instead of using databased nonces, we use WordPress nonces with a lifetime of 5 minutes, and append the user IP to the login message to prevent replays from elsewhere.
Fore more details, check out the extra readme.
-
Signature verification
-
When user submits a signature, it needs to be verified on server-side.
Read the “How does it work?” question.
Firstly, if you have php-gmp or php-bcmath extension installed, we’ll do it with PHP, and you can ignore the rest of this. To check, go to the EthPress settings page.
Otherwise, we do it with JavaScript. EthPress Premium comes configured with a Managed Verification Service. To verify signatures locally with JavaScript, see details: https://gitlab.com/losnappas/verify-eth-signature.
-
Are my coins safe?
-
Yes. A wallet (e.g. MetaMask) does/should not leak your private keys out into the wild, that would be madness.
-
What about mobile?
-
Mobile integration is in good condition, with WalletConnect QR code reading from wallets such as MetaMask Mobile, there is very little friction!
-
GDPR?
-
Ethpress does not store anything other than the wallet address, on your server. It will be deleted if you delete the associated user account or remove the plugin entirely.
If you’re using the default, pre-set signature verification service: it is hosted on the ethereumico.io. No data is stored here.
Check EthPress Settings page for more information.
-
Source code and contributing
-
Contributions on GitLab only, thank you.
Plugin’s source code: https://gitlab.com/losnappas/ethpress.
WordPress plugin page: https://wordpress.org/plugins/ethpress/.
Signature verifier’s, which is used if no php-gmp or php-bcmath, source code: https://gitlab.com/losnappas/verify-eth-signature.
The modal is a Svelte component. Source code: https://gitlab.com/losnappas/web3-login.
-
Further support
-
On the wordpress.org support page, or on the ethereumico.io support forum.
Beoordelingen
Bijdragers & ontwikkelaars
“EthPress – Web3 Login” is open source software. De volgende personen hebben bijgedragen aan deze plugin.
BijdragersVertaal “EthPress – Web3 Login” naar jouw taal.
Interesse in ontwikkeling?
Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.
Changelog
1.5.11
- Add-ons prices display fix
1.5.10
- Fix standard settings saving
1.5.9
- Settings update hook extended for better addons support
1.5.8
- Options page logic refactored for better addons support
1.5.7
- The
ethpress_options_update
filter added to update settings in addons
1.5.6
- Fix tab switching
1.5.5
- Settings tabs support for addons settings integration
1.5.4
- Default Role other that “subscriber” in multisite
- The Ledger wallet connect fix
1.5.3
- The “Register” buttons are not offered if the Administration > Settings > General > Membership: Anyone can register box is not checked.
- Warning on the settings page is also shown in this case.
- Security fixes
1.5.2
- Fix for the address access error when the address was not found
1.5.1
- New freemius.com library version
1.5.0
- The
ethpress_linked
hook is added.