apermo/agency-pass
Composer 安装命令:
composer require apermo/agency-pass
包简介
A WordPress agency-pass plugin.
README 文档
README
Self-service emergency login for agency staff on client WordPress sites.
Description
Agency Pass adds a magic-link login flow to the WordPress login screen. Staff with whitelisted email addresses can request a temporary login link that creates a time-limited user with a restricted admin role. No external infrastructure required — the entire solution is self-contained.
Requirements
- PHP 8.1+
- WordPress 6.4+
Installation
- Upload the
agency-passdirectory to/wp-content/plugins/ - Activate the plugin through the "Plugins" screen in WordPress
- On activation, a mu-plugin loader is installed to guarantee early loading
Configuration
Add constants to wp-config.php:
Required
define( 'AGENCY_PASS_EMAIL_PATTERN', '/^.+@youragency\.de$/' );
Optional
define( 'AGENCY_PASS_TOKEN_TTL', 900 ); // Magic link validity in seconds (default: 15 min) define( 'AGENCY_PASS_USER_TTL', 28800 ); // Temporary user lifetime in seconds (default: 8 h)
How it works
- A "Agency Pass" button appears on the WordPress login form
- Clicking it reveals an email input field
- If the email matches the configured pattern, a single-use magic link is sent via
wp_mail() - Clicking the link creates a temporary user with the
agency_pass_adminrole and logs them in - Expired users are cleaned up automatically via WP-Cron
Custom role
The agency_pass_admin role has all administrator capabilities except:
edit_users,delete_users,create_userspromote_users,remove_users
The role retains list_users (can view the user list). Emergency users are blocked from editing their own
profile via map_meta_cap.
Extensibility
add_filter( 'agency_pass_email_allowed', function ( bool $allowed, string $email ): bool { // Custom validation logic here return $allowed; }, 10, 2 );
Audit hooks
agency_pass_link_requested— fired when a magic link is requestedagency_pass_login— fired on successful emergency loginagency_pass_user_cleanup— fired when an expired user is removed
Development
composer install composer cs # Run PHPCS composer cs:fix # Fix PHPCS violations composer analyse # Run PHPStan composer test # Run all tests composer test:unit # Run unit tests only
Local WordPress Environment
ddev start && ddev orchestrate
Git Hooks
git config core.hooksPath .githooks
Known incompatibilities
NinjaFirewall
NinjaFirewall blocks on-the-fly creation of users with elevated roles. Since Agency Pass creates temporary
admin-level users via wp_insert_user(), NinjaFirewall will silently prevent emergency logins from working.
The relevant NinjaFirewall hooks are nfw_account_creation (action on pre_user_login),
nfwhook_update_user_meta and nfwhook_add_user_meta (filters on user meta operations). A bypass is
possible by removing these hooks before user creation, but this is not recommended and not shipped with the
plugin.
Template Sync
git remote add template https://github.com/apermo/template-wordpress.git git fetch template git checkout -b chore/sync-template git merge template/main --allow-unrelated-histories
License
apermo/agency-pass 适用场景与选型建议
apermo/agency-pass 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 04 月 05 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 apermo/agency-pass 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 apermo/agency-pass 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 0
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 25
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: GPL-2.0-or-later
- 更新时间: 2026-04-05