• Resolved maphy-psd

    (@maphy-psd)


    Hello,

    I am using Magic Login Pro and would like to create a specific user account whose magic links never expire and can be used multiple times.

    According to the documentation, setting:

    • Token TTL to 0
    • Token Validity to 0

    should make the token non-expiring and reusable.

    I tried setting these values in the user profile settings, but after saving the user profile and reloading the page, both fields are empty again. So it seems that 0 is either not saved correctly or is treated as an empty value / no override.

    As a workaround, I would like to use the following filters:

    add_filter('magic_login_token_ttl_by_user', function ($ttl, $user_id) {
    if ((int) $user_id === XXX) {
    return 0;
    }

    return $ttl;
    }, 10, 2);

    add_filter('magic_login_token_validity_by_user', function ($validity, $user_id) {
    if ((int) $user_id === XXX) {
    return 0;
    }

    return $validity;
    }, 10, 2);

    Could you please confirm whether both filters are supposed to respect the value 0?

    In particular:

    1. Does magic_login_token_ttl_by_user support returning 0 to make the token never expire?
    2. Does magic_login_token_validity_by_user support returning 0 to allow unlimited usage?
    3. Is it expected that 0 cannot be saved in the per-user settings, or could this be a bug?

    Thank you!

Viewing 1 replies (of 1 total)
  • Plugin Author Mustafa Uysal

    (@m_uysl)

    Hi @maphy-psd,

    Thanks for reaching out.

    Does magic_login_token_ttl_by_user support returning 0 to make the token never expire?
    Does magic_login_token_validity_by_user support returning 0 to allow unlimited usage?

    Yes, that is correct. If you override those values via the filters, returning 0 should make the token non-expiring and allow unlimited usage.

    That said, I would not recommend using non-expiring, reusable magic links unless you have a very specific use case and fully understand the security implications.

    Is it expected that 0 cannot be saved in the per-user settings, or could this be a bug?

    This is currently intentional from a security perspective, but I may adjust this behavior in a future version of the plugin.

    Since this is related to the Pro version, please reach out to me directly via https://handyplugins.co/contact/ or by email, as support for commercial plugins is not allowed here.

    Regards,
    Mustafa

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.