Email Verification Plugins
OneTap Login integrates with 3 email verification plugins to automatically mark Google sign-in users as verified, eliminating redundant verification steps.
PRO Feature
Email Verification Bypass is a PRO feature. FREE users will see standard verification behavior from these plugins.
Why Bypass Verification?
The Problem
Email verification plugins require:
- User registers
- Verification email sent
- User clicks link
- Account activated
For Google users, this is redundant because:
- Google already verified their email
- Google requires email verification for accounts
- Double verification creates friction
The Solution
OneTap Login PRO:
- Detects supported verification plugins
- Marks Google users as verified automatically
- Skips verification email
- Immediate account access
Supported Plugins
1. Email Verification for WooCommerce (WPFactory/Algoritmika)
Plugin: Email Verification for WooCommerce
Detection: alg_wc_ev functions
How Bypass Works:
// When Google user registers
update_user_meta($user_id, 'alg_wc_ev_is_activated', '1');
update_user_meta($user_id, 'alg_wc_ev_activation_time', current_time('timestamp'));
Result: User immediately marked as verified.
2. Customer Email Verification (WebToffee/Tyche)
Plugin: Customer Email Verification
Detection: wt_email_verification functions or Wt_Email_Verify class
How Bypass Works:
// When Google user registers
update_user_meta($user_id, 'wt_email_verified', 'yes');
update_user_meta($user_id, 'wt_verification_time', current_time('mysql'));
Result: Verification status set to "yes".
3. WooCommerce Email Verification (Codeixer)
Plugin: WooCommerce Email Verification
Detection: codeixer_ev functions
How Bypass Works:
// When Google user registers
update_user_meta($user_id, '_codeixer_email_verified', 'true');
update_user_meta($user_id, '_codeixer_verification_date', current_time('mysql'));
Result: User immediately verified.
How Detection Works
Auto-Detection Flow
Google user registers successfully
↓
OneTap checks for verification plugins:
↓
WPFactory plugin found?
→ Set alg_wc_ev_is_activated
↓
WebToffee plugin found?
→ Set wt_email_verified
↓
Codeixer plugin found?
→ Set _codeixer_email_verified
↓
User account ready immediately
Detection Code
// Simplified detection logic
function bypass_email_verification($user_id) {
// WPFactory/Algoritmika
if (function_exists('alg_wc_ev_is_user_verified')) {
update_user_meta($user_id, 'alg_wc_ev_is_activated', '1');
return;
}
// WebToffee/Tyche
if (class_exists('Wt_Email_Verify')) {
update_user_meta($user_id, 'wt_email_verified', 'yes');
return;
}
// Codeixer
if (function_exists('codeixer_ev_is_verified')) {
update_user_meta($user_id, '_codeixer_email_verified', 'true');
return;
}
}
Configuration
Enable Bypass (PRO)
- Go to Settings > OneTap Login
- Click Users tab (or Integrations)
- Enable Bypass email verification for Google users
- Save Changes
Settings
| Setting | Description |
|---|---|
| Enable bypass | Toggle feature on/off |
| Auto-detect plugins | Automatically find installed plugin |
User Experience Comparison
Without Bypass
1. User clicks Google sign-in
2. Account created (status: unverified)
3. "Please verify your email" message
4. Verification email sent to inbox
5. User opens email (may be in spam)
6. User clicks verification link
7. Account verified, can now shop
Time: 2-5 minutes minimum Friction: High Drop-off risk: High
With Bypass (PRO)
1. User clicks Google sign-in
2. Account created (status: verified)
3. User can immediately shop
Time: 3 seconds Friction: None Drop-off risk: Minimal
Security Justification
Why Bypassing Is Safe
Google's Verification Process:
- Google requires email verification for all accounts
- Can't create Google account without access to email
- Google performs continuous verification
Token Validation:
- OneTap validates JWT from Google
- Email in token is Google-verified
- No spoofing possible through OAuth flow
Audit Trail:
- OneTap logs Google registrations
- User meta records Google ID
- Full traceability maintained
Edge Cases
Existing Unverified User
If user exists and is unverified:
| Scenario | Behavior |
|---|---|
| Account Linking enabled | Link and mark verified |
| Account Linking disabled | Login fails, must verify |
| Account Merge (PRO) | After password, mark verified |
Multiple Verification Plugins
If multiple plugins installed:
- First detected plugin is used
- Recommend using only one
- Contact support if issues
Plugin Updated/Changed
If verification plugin changes:
- Old verification data may remain
- New plugin needs fresh config
- Test after any plugin change
Hooks for Developers
Before Bypass
add_filter('onetap_should_bypass_verification', function($bypass, $user_id) {
// Custom conditions
$user = get_user_by('id', $user_id);
// Don't bypass for certain domains
if (str_ends_with($user->user_email, '@suspicious.com')) {
return false;
}
return $bypass;
}, 10, 2);
After Bypass
add_action('onetap_verification_bypassed', function($user_id, $plugin_name) {
// Log bypass event
error_log("Email verification bypassed for user {$user_id} ({$plugin_name})");
// Update CRM
// Track in analytics
}, 10, 2);
Custom Plugin Support
add_action('onetap_google_user_registered', function($user_id) {
// Support custom verification plugin
if (function_exists('my_verification_plugin_mark_verified')) {
my_verification_plugin_mark_verified($user_id);
}
});
Troubleshooting
Bypass Not Working
Causes:
- PRO feature not activated
- Plugin not detected
- Plugin version incompatible
- Setting disabled
Solutions:
- Verify PRO license active
- Confirm plugin is installed and active
- Update to supported version
- Check bypass setting enabled
User Still Asked to Verify
Causes:
- Existing user, not new registration
- Bypass only for new registrations
- Different email address matched
Solutions:
- Bypass is for new Google registrations
- Existing users may need manual verification
- Check email matching logic
Wrong Plugin Used
Causes:
- Multiple verification plugins active
- Detection order issue
Solutions:
- Use only one verification plugin
- Deactivate unused plugins
Best Practices
Do's
- Enable bypass for better UX
- Use ONE verification plugin
- Test with new Google accounts
- Monitor verification status
Don'ts
- Don't run multiple verification plugins
- Don't disable bypass for paranoia
- Don't forget to test
- Don't ignore verification failures
Manual Verification Override
Admin Can Still Verify
Even with bypass:
- Admin can manually change status
- Verification plugin UI still works
- Bulk actions available
Marking as Unverified
If needed:
// WPFactory
delete_user_meta($user_id, 'alg_wc_ev_is_activated');
// WebToffee
update_user_meta($user_id, 'wt_email_verified', 'no');
// Codeixer
update_user_meta($user_id, '_codeixer_email_verified', 'false');
Plugin Comparison
| Feature | WPFactory | WebToffee | Codeixer |
|---|---|---|---|
| Free version | Yes | Yes | Yes |
| WooCommerce required | Yes | Yes | Yes |
| Admin verification | Yes | Yes | Yes |
| Email templates | Yes | Yes | Yes |
| Bypass supported | ✅ | ✅ | ✅ |
| Active installs | 20,000+ | 10,000+ | 5,000+ |
Recommendation
For most stores: Email Verification for WooCommerce (WPFactory)
- Most popular
- Well maintained
- Good compatibility
- Works well with bypass
Next Steps
- Email Verification Bypass - PRO feature details
- Account Linking - Existing user handling
- Auto Registration - New user creation