Customizing Front-End and Backend Login for WordPress

Aileen Javier – April 6, 2022

Customizing Front-End and Backend Login for WordPress

Whether you want your users to log in from the front-end or backend of your websites, WordPress allows you to fully customize the experience for both.

Occasionally, when building a WordPress website you might think that the built-in login page doesn’t exactly meet your needs. Sometimes, you might want the login form embedded into your site’s front-end. Other times, you might need functionality that isn’t available using the default /wp-login.php page.

We’ve previously looked at how to completely customize the WordPress login page, exploring ways of merging it into your site’s branding. In this post, we’ll look at how to extend some of the functionality offered in that post with more practical examples.

This post looks at front-end and backend login customization in two sections. In the first part, I will explain how to handle the login process from the site front-end. We’ll look at how to:

Include a login form into posts and widgets
Redirect the user on successful login
Set a custom login page
Conditionally display a login/logout link in a menu

Note that we’ll explore just the login task, letting WordPress take care of redirection on failed login, password reset, user registration, and data editing. All these tasks deserve careful attention and will provide us with more to dive into and explore in the future.

In the second part of this post, I will show you how to add greater functionality to the built-in login page. We’re going to:

Customize the HTML structure of the login page header
Get the most from the built-in login page with additional form fields

We’ll also look at several examples to acquaint you with functions, actions, and filters available for the handling of the login process. I’ll assume you’re familiar with the key concepts behind action and filter hooks. If you’re not, before going through this post take the time to have a read over A Quick (and in-Depth) Guide to WordPress Hooks.

Let’s start diving into login customization.

Continue reading, or jump ahead using these links:

Including a Login Form in Posts and Text Widgets
Redirecting the User on Login
Setting a Custom Login Page
Adding Login and Logout Menu Items Programmatically
Customizing the Login Header
Let Your Users Select the Redirect URL
We’re Here to In-Form You

When designing the user flow for a new website, you might want to display a login form on the front-end of your site. You can achieve this goal thanks to the wp_login_form function, which echoes (or returns) a simple login form (check the WordPress Codex for details).

This function holds an array of parameters, whose values set the URL for redirection after login, IDs, labels, and the default values of the form elements.

In the following example we’ll create a simple shortcode, which will enable site authors to embed the login form anywhere into the site:

In the code above we’ve set the value of echo to false so that the function won’t print the HTML of the form, but will return the mark-up as the value of the $output variable. The same value will be returned by the callback function.

In case the user was already logged in, the function returns a message and the logout link (this latter is returned by the wp_loginout function).

Now, let’s create a new post (or page) and include the [frontend-login-form] shortcode. As a result, we’ll get the login form shown in the image below.

wp login form — The image shows the login form embed into a regular post

We can include the form in a sidebar as well, but first, we have to force WordPress to process shortcodes in text widgets. This task can be accomplished using the widget_text filter and the do_shortcode function as we’ve already done in the code above.

shortcode widget — Once we’ve enabled shortcode processing in text widgets, the login form can be included into any sidebar

In the previous example, once logged in the user is redirected to the same page he/she is coming from, whatever their role. But we can redirect users to specific pages depending on their roles or capabilities.

For instance, we may want to prevent site subscribers from having access to the admin area while redirecting to the dashboard all the users belonging to other roles. We can accomplish this using the login_redirect filter hook.

Consider the following code:

It’s quite self-explanatory: login_redirect filters the URL of the resource the user should be redirected to on successful login. In our example, if the user has the capability to edit_posts (all roles but subscribers), the user will be redirected to the dashboard. If the users haven’t, they will be redirected to the site home page.

If we’ve created a new custom login page, we may also want to overwrite the default login URL. To do that we can use the login_url filter, as shown in the following code:

Here, we’re calling the add_query_arg function, which we’ve appended the query arguments redirect_to and reauth to the URL. The same URL is finally returned by the callback function.

Now we have a new login URL and we can build the corresponding link programmatically from our scripts. In the next example, I’ll show you how to append the login and logout links to a primary menu.

In the main file of a plugin (or in the functions.php file of a child theme) copy and paste the following block of code:

Loading gist e03608de3795d952e86b43ba3e6393e4

The wp_nav_menu_items filter allows us to append new items to menus. By setting a specific theme location, our customization will affect just one custom menu. If the user is logged in, the callback function will automatically append the logout URL, otherwise, it will append the login URL.

So far we’ve seen how to log in the user from the front-end. Nevertheless, chances are that we would prefer to keep the login on its own default page. So, in the following examples, we’ll see how to take advantage of some of the many functions, actions, and filters we can use to customize the page structure and add functionalities to the login form.

The header of the default WordPress login page is structured as follows:

Loading gist 8b5f0335631e213d4fc0e80a5aceb08f

It’s just a h1 element with an anchor pointing to WordPress.org. We can act on this structure thanks to three hooks, one action (login_head) and two filters (login_headerurl and login_headertitle). Take the following code as an example:

Loading gist e8d0cc07095e0e5869d5cfefb6d4e8d4

The login_head action fires after scripts are enqueued, and we can hook to this action a function to enqueue custom scripts and styles. In our example, we’ve added a single declaration to change the background image of the anchor in the header
login_headerurl filters the link URL of the header logo. In our example, the callback function returns the home URL
login_headertitle filters the title attribute

This is just a basic example, which aims to demonstrate how actions and filters come in handy to customize the login experience. If you need more control over the presentation of the login page, take a moment to read how to completely customize the WordPress login page. Then, if you want to add more functionality to the built-in login form, read over our last and more advanced example…

Let Your Users Select the Redirect URL

It’s time to give our users more control over the login process. In this last example, we’ll give them the ability to choose the URL of the page to be redirected to.

First, we’ll add a new field to the login form with the following function:

Loading gist f35ac7ef05c130c89530316098369737

The login_form action fires following the ‘Password’ field in the login form and preceding the ‘Remember me’ checkbox, so the callback function prints the select menu in that precise position.

With the form field in its place, we can put it in action with the following code:

Loading gist 1df1831b0ef284bc62168fbd0d74d0c6

Here, we’re checking whether a valid value for the select field has been sent. If so, the switch statement set a value for $redirect_to variable depending on the option selected by the user.

custom login form — A customized login form

The user will be now redirected to the page of their choice.

We’re Here to In-Form You

Another way of having users log in is with our very own free plugin, Forminator.

Forminator image. — Forminator. Big glasses and all.

With his help, it’s easy to set up registration and login forms on your WordPress site. You have a ton of customization options; such as fields for information needed, captcha, remember me settings, and more. It’s a popular 4.5-star rated plugin for a reason.

You can read how to set up a login form and try him for free today.

Wrapping Up

The login process is an important part of a website’s user flow and we as web designers should take the time to consider the user experience. Whether we decide to allow users to log in from a site front-end or keep with the default backend login form, we can customize all options in terms of both presentation and functionality.

WordPress provides the powers of customization – it’s up to us to make good use of them.

Have you got further ideas for login customization? Do you have any favorite examples of login forms that have been customized? Join the conversation and share them with us in the comments below.