Authorization for website visitors

To allow website visitors to log into their personal accounts, enable authorization for them. Authorization means login with a password. When authorization is enabled, the signup option is available, too.

Authorization must be enabled separately for every website. If you have multiple sites in your Webasyst backend, then you will need to repeat this setup for each of them.

  1. Open Site app and select the desired site in the top-left corner.
  2. Open “Personal” section and click “authorization enabled”.


  3. In “The application and address used” list, select a website section via which visitors will log in. Website sections are set up in “Section” section.


    The easiest option would be to select a website section with the shortest address. The login page on your site will have the appearance of the design theme applied to the site section selected in this list.
  4. Select a password system for website visitors either to save their personal passwords or to use automatically generated one-time 4-digit passwords for each login.
  5. Enable sending of successful signup notifications for visitors to see that they have indeed signed up.
  6. If necessary, change default timeout before re-sending confirmation code to the same user.

Login & signup methods

Website visitors can log in either by their email address or by phone number, or via social media.

Two basic login methods are by email and by phone number. At least one of them must be enabled. You may disabled authorization options if you do not need them. The authorization option via social media is an additional one.

Authorization via a phone number is available only if Shop-Script version 8 or higher is installed.

For login by email address and phone number you need to select a notification template group, which includes templates notifications to be sent to visitors during signup and login. Edit notification templates in “Settings” app.

For login by phone number you can enable priority over email notifications. It means that, by default, SMS notifications sending will be attempted by default. Should SMS fail, an email notification will be sent as a fallback option.

Login & signup forms

In signup form settings you can select which fields must be completed by website visitors to sign up and receive access to a personal account. The field in this form, whose completion is always mandatory, is “Password”. Additionally, either email address or phone number field, or both of them, are mandatory, too—depending on the authorization options enabled under “Ways of login and registration” heading.

If necessary, enable or disable the elements used to require user’s consent with your privacy policy and a protection code CAPTCHA during signup.

In the login form settings you can enable CAPTCHA and auto-login if necessary. With auto-login enabled, website visitors will get logged in immediately when entering your site by a cookie value in their browsers. If the website is opened in another browser or in a private browsing session, authorization with a password or a one-time code will be required.

If you have enabled both main login options, email and phone, in “Ways of login and registration” section, then visitors will be offered to enter any of those values to log in—either an email address or a phone number into one common field.

0 comments

    Add comment

    To add a comment please sign up or login