Temporary One Time Use Customer Login

Hey there everyone,

So I’ve done some research around here and wasn’t able to come up with any answers for this. Simply put, I’m creating a website that will allow someone to access it ONLY ONCE with a password I provide them. So, I’ll e-mail you a password to website.com, you’ll login to check it out, and if you tried to login again, could be immediately after, could be a few hours later, you’d be denied access.

I’m assuming maybe some configuration of EOT would work, but since it’s not a paid site, wasn’t sure that’d be the best option. Thanks!

Since it seems like this might be a feature not many has asked for, is it possible to set up a login/password that one person can only use for 24 hours?

This would require some custom code.

Here’s an idea that perhaps you can build from; or get someone to help you with.

Please create this directory and file:
/wp-content/mu-plugins/s2-hacks.php
(NOTE: these are MUST USE plugins, see: http://codex.wordpress.org/Must_Use_Plugins)
(See also: http://www.s2member.com/kb/hacking-s2member/)

<?php
add_filter('wp_authenticate_user', 'check_login_status');
function check_login_status($user)
	{
		$identifying_prefix = 'lt_'; // Username prefix indicates it's for a limited time.
		
		if($user instanceof WP_User && stripos($user->user_login, $identifying_prefix) === 0)
			{
				$last_login_time = (integer)get_user_option('s2member_last_login_time', $user->ID);
				$total_previous_logins = (integer)get_user_option('s2member_login_counter', $user->ID);
				
				if($last_login_time || $total_previous_logins)
					return new WP_Error('expired', 'Sorry, your Username has expired.');
			}
		return $user; // Default passthrough.
	}

---

Another way (perhaps more secure); would be a CRON job that sets a flag against certain accounts after they have logged in for the first time. With that in place, you might have something like this variation of the above routine.

<?php
add_filter('wp_authenticate_user', 'check_login_status');
function check_login_status($user)
	{
		if($user instanceof WP_User && get_user_option('login_expiration_flag', $user->ID))
			return new WP_Error('expired', 'Sorry, your Username has expired.');

		return $user; // Default passthrough.
	}

---

Combine one of these techniques with a real-time check on every page as well; like this.

<?php
add_filter('init', 'check_login_status_while_on_site');
function check_login_status_while_on_site()
	{
		if(($user = wp_get_current_user()) && get_user_option('login_expiration_flag', $user->ID))
			wp_redirect(wp_login_url()).exit();
	}

That’s pretty brilliant. I’ll do it and report back my results.

That’s pretty brilliant. I’ll do it and report back my results.

Thank you. I’ll appreciate any feedback :-)