Customizing Front-End and Backend Login for WordPress

Whether you want your users to log in from the front-end or backend of your websites, WordPress allows you to fully customize the experience for both.

 

Occasionally, when building a WordPress website you might think that the built-in login page doesn’t exactly meet your needs. Sometimes, you might want the login form embedded into your site’s front-end. Other times, you might need functionality that isn’t available using the default /wp-login.php page.

 

We’ve previously looked at how to completely customize the WordPress login page, exploring ways of merging it into your site’s branding. In this post, we’ll look at how to extend some of the functionality offered in that post with more practical examples.

 

This post looks at front-end and backend login customization in two sections. In the first part, I will explain how to handle the login process from the site front-end. We’ll look at how to:

 
 
    • Include a login form into posts and widgets
 
    • Redirect the user on successful login
 
    • Set a custom login page
 
    • Conditionally display a login/logout link in a menu
 
 

Note that we’ll explore just the login task, letting WordPress take care of redirection on failed login, password reset, user registration and data editing. All these tasks deserve careful attention and will provide us with more to dive into and explore in the future.

 

In the second part of this post, I will show you how to add greater functionality to the built-in login page. We’re going to:

 
 
    • Customize the HTML structure of the login page header
 
    • Get the most from the built-in login page with additional form fields
 
 

We’ll also look at several examples to acquaint you with functions, actions and filters available for the handling of the login process. I’ll assume you’re familiar with the key concepts behind action and filter hooks. If you’re not, before going through this post take the time to have a read over A Quick (and in-Depth) Guide to WordPress Hooks.

 

Let’s start diving into login customization.

 
 
The WordPress backend login form.
The WordPress backend login form.
 
 

Including a Login Form in Posts and Text Widgets

 

When designing the user flow for a new website, you might want to display a login form on the front-end of your site. You can achieve this goal thanks to the wp_login_form function, which echoes (or returns) a simple login form (check the WordPress Codex for details).

 

This function holds an array of parameters, whose values set the URL for redirection after login, IDs, labels and the default values of the form elements.

 

In the following example we’ll create a simple shortcode, which will enable site authors to embed the login form anywhere into the site:

 
 
 
 

In the code above we’ve set the value of echo to false so that the function won’t print the HTML of the form, but will return the mark-up as value of the $output variable. The same value will be returned by the callback function.

 

In case the user was already logged in, the function returns a message and the logout link (this latter returned by the wp_loginout function).

 

Now, let’s create a new post (or page) and include the [frontend-login-form] shortcode. As a result, we’ll get the login form shown in the image below.

 
 
wp login form
The image shows the login form embed into a regular post
 
 

We can include the form in a sidebar as well, but first we have to force WordPress to process shortcodes in text widgets. This task can be accomplished using the widget_text filter and the do_shortcode function as we’ve already done in the code above.

 
 
shortcode widget
Once we’ve enabled shortcode processing in text widgets, the login form can be included into any sidebar
 
 

Redirecting the User on Login

 

In the previous example, once logged in the user is redirected to the same page he/she is coming from, whatever their role. But we can redirect users to specific pages depending on their roles or capabilities.

 

For instance, we may want to prevent site subscribers from having access the admin area while redirecting to the dashboard all the users belonging to other roles. We can accomplish this usin the login_redirect filter hook.

 

Consider the following code:

 
 
 
 

It’s quite self explanatory: login_redirect filters the URL of the resource the user should be redirected to on successful login. In our example, if the user has the capability to edit_posts (all roles but subscribers), the user will be redirected to the dashboard. If the users hasn’t, they will be redirected to the site home page.

 

Setting a Custom Login Page

 

If we’ve created a new custom login page, we may also want to overwrite default login URL. To do that we can use the login_url filter, as shown in the following code:

 
 
 
 

Here, we’re calling the add_query_arg function, which we’ve appended the query arguments redirect_to and reauth to the URL. The same URL is finally returned by the callback function.

 

Adding Login and Logout Menu Items Programmatically

 

Now we have a new login URL and we can build the corresponding link programmatically from our scripts. In the next example, I’ll show you how to append the login and logout links to a primary menu.

 

In the main file of a plugin (or in the functions.php file of a child theme) copy and paste the following block of code:

 
 
 
 

The wp_nav_menu_items filter allows us to append new items to menus. By setting a specific theme location, our customization will affect just one custom menu. If the user is logged in, the callback function will automatically append the logout URL, otherwise it will append the login URL.

 

So far we’ve seen how to log in the user from the front-end. Nevertheless, chances are that we would prefer to keep the login on its own default page. So, in the following examples we’ll see how to take advantage of some of the many functions, actions and filters we can use to customize the page structure and add functionalities to the login form.

 

Customizing the Login Header

 

The header of the default WordPress login page is structured as follows:

 
 
 
 

It’s just a h1 element with an anchor pointing to WordPress.org. We can act on this structure thanks to three hooks, one action (login_head) and two filters (login_headerurl and login_headertitle). Take the following code as an example:

 
 
 
 
 
    • The login_head action fires after scripts are enqueued, and we can hook to this action a function to enqueue custom scripts and styles. In our example, we’ve added a single declaration to change the background image of the anchor in the header
 
    • login_headerurl filters the link URL of the header logo. In our example, the callback function returns the home URL
 
    • login_headertitle filters the title attribute
 
 

This is just a basic example, which aims to demonstrate how actions and filters come in handy to customize the login experience. If you need more control over the presentation of the login page, take a moment to read how to completely customize the WordPress login page. Then, if you want to add more functionality to the built-in login form, read over our last and more advanced example…

 

Let Your Users Select the Redirect URL

 

It’s time to give our users more control over the login process. In this last example, we’ll give them the ability to choose the URL of the page to be redirected to.

 

First, we’ll add a new field to the login form with the following function:

 
 
 
 

The login_form action fires following the ‘Password’ field in the login form and preceeding the ‘Remember me’ checkbox, so the callback function prints the select menu in that precise position.

 

With the form field in its place, we can put it in action with the following code:

 
 
 
 

Here, we’re checking whether a valid value for the select field has been sent. If so, the switch statement set a value for $redirect_to variable depending on the option selected by the user.

 
 
custom login form
A customized login form
 
 
 

 

 

The user will be now redirected to the page of their choice.

 

Wrapping Up

 

The login process is an important part of a website’s user flow and we as web designers should take the time to consider the user experience. Whether we decide to allow users to log in from a site front-end or keep with the default backend log in form, we can customize all options in terms of both presentation and functionality.

 

WordPress provides up with the powers of customizzation – it’s up to use to make good use of them.

 

 

 

Have you got further ideas for login customization? Do you have any favorite examples of login forms that have been customized? Join the conversation and share them with us in the comments below.

 

Logo credit Giulio Baccari.

 
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s