=== Watrix Login as User ===
Contributors: watrix
Tags: user-switching, impersonation, admin, debugging, support
Requires at least: 6.0
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 1.0.3
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Securely impersonate any user account as an administrator and switch back to your original account with one click.

== Description ==

Watrix Login as User lets administrators sign in as any other user (impersonation) and return to their own account with a single click. It is useful for support requests, reproducing user-reported issues, debugging role and capability problems, and verifying the experience of subscribers, customers or editors without sharing passwords.

Key features:

* Adds a "Switch to" row action on the Users screen (localised as "切り替え" in Japanese).
* Adds a "Switch to %s" button on the user profile edit screen.
* Displays a persistent red warning bar in both the admin and the front-end while an impersonation session is active.
* The warning bar contains a one-click link back to the original administrator account.
* Switching and switching-back are protected by nonces and a signed cookie (HMAC-SHA256, AUTH_KEY-derived) so the original user id cannot be forged.
* A bounded audit log (latest 200 entries) is stored in a single options row.

Security model:

* Only users who are administrators AND hold the manage_options capability can switch (manage_network_users on multisite).
* The original (acting) user id is stored in a signed, Secure / HttpOnly / SameSite=Lax cookie.
* Nonce verification, self-switch prevention and clean-up on user deletion are implemented.
* If the AUTH_KEY salts required for signing are missing, the plugin fails closed and the feature is disabled.

== Installation ==

1. Upload the plugin to `wp-content/plugins/watrix-login-as-user/` or install it from the WordPress plugin directory.
2. Activate the plugin from the Plugins screen.
3. Go to Users and use the "Switch to" row action, or open a user's profile and use the "Switch to %s" button.
4. While impersonating, use the red warning bar at the top of the screen to return to your original account.

== Frequently Asked Questions ==

= Who can switch users? =

Only users who are administrators AND have the manage_options capability (manage_network_users on multisite). The capability is re-checked on every switch and on every restore.

= Is my password ever sent to the impersonated session? =

No. Switching uses WordPress' own authentication cookies (wp_set_auth_cookie). No password is ever read, written or transmitted by this plugin.

= What happens if I deactivate the plugin while impersonating? =

The impersonation cookie is cleared on deactivation, so the next request will not sit on a stale impersonation state.

= Where is the audit log stored? =

In a single wp_options row (`watrix_lau_audit_log`), capped at the most recent 200 entries. Uninstalling the plugin removes this option completely.

== Screenshots ==

1. The red impersonation warning bar.
2. The "Switch to" row action on the Users screen.

== Upgrade Notice ==

= 1.0.3 =
Plugin renamed from "Watrix User Switching" to "Watrix Login as User" (slug changed to `watrix-login-as-user`) to avoid confusion with the existing User Switching plugin. Functionality is unchanged.

= 1.0.2 =
Maintenance release for WordPress.org Plugin Check compliance. No behaviour changes.

= 1.0.1 =
Security hardening release: i18n support and fail-closed handling for the signing secret. Update recommended.

== Changelog ==

= 1.0.3 =
* Rename: plugin renamed from "Watrix User Switching" to "Watrix Login as User"; slug / text domain changed from `watrix-user-switching` to `watrix-login-as-user` to avoid confusion with the existing User Switching plugin.
* Internals: constant, function, class, option, cookie, nonce and query-parameter prefixes updated accordingly (`WATRIX_LOGIN_AS_USER_*`, `WATRIX_LAU_*`, `watrix_login_as_user_*`, `watrix_lau_*`, `WatrixLoginAsUser\`, `watrix_lau_original`, `watrix_lau_audit_log`, `?watrix_lau=...`).
* i18n: translation catalogue renamed to `watrix-login-as-user-ja.po/.mo`.
* No functional or behavioural changes.

= 1.0.2 =
* Compliance: pass WordPress.org Plugin Check 2.0.0 with zero errors and zero warnings.
* readme.txt: rewritten in English; "Tested up to" bumped to 7.0; Japanese description retained below.
* i18n: removed redundant `load_plugin_textdomain()` call (WP 4.6+ auto-loads translations for WP.org-hosted plugins).
* uninstall.php: prefixed local variables (`$watrix_lau_option_name`, `$watrix_lau_site_ids`, `$watrix_lau_site_id`).
* i18n: moved `/* translators: */` comments to be immediately adjacent to the `__()` call.
* nonce warnings: annotated the `admin_init` and admin-notice dispatchers (read-only status checks; the actual state-changing actions still verify nonces).
* Packaging: added `.distignore` so `.git`, `.gitignore`, `README.md` and `.DS_Store` are excluded from the distribution ZIP.

= 1.0.1 =
* i18n: switched UI strings to English source + translation catalogues. Japanese locale displays "切り替え" / "%s に切り替え"; other locales show "Switch to" / "Switch to %s".
* Security (H-1): removed the fallback signing secret. The plugin now fails closed when AUTH_KEY salts are not configured.
* Public failure codes coarsened; detailed reasons now live only in the audit log (S-4).
* Added `uninstall.php` to fully remove the audit-log option on plugin deletion (S-6).
* Deactivation hook clears any in-flight impersonation cookie (S-6).
* Reworked the user-edit screen UI to use a single dedicated form-table instead of a stray `<tr>` injection (L-4).
* Standardised on output-time escaping (S-1).
* Fixed mismatched `/* translators: */` placeholders (L-1).
* Bundled a compiled Japanese .mo file.

= 1.0.0 =
* Initial release.

== 日本語 ==

= 概要 =

Watrix Login as User は、管理者が他のユーザーになりすまして WordPress を操作する「代理ログイン」機能を提供します。サポート対応・動作確認・権限デバッグなどに有用です。

= 主な機能 =

* ユーザー一覧の各行に「切り替え」リンクを追加（英語ロケールでは "Switch to"）
* ユーザー編集画面にも「%s に切り替え」ボタンを追加
* 代理ログイン中は管理画面・フロント画面の上部に赤い警告バーを常時表示
* バー内のリンクで元の管理者アカウントへ即時復帰
* 切替・復帰は nonce + 署名付き Cookie (HMAC-SHA256) で保護
* 監査ログをオプションテーブルに最小限保存（最新 200 件）

= セキュリティ =

* 切替を許可するのは administrator かつ manage_options 保有者のみ（マルチサイト時は manage_network_users）
* 元ユーザー ID は AUTH_KEY で署名された Secure / HttpOnly / SameSite=Lax Cookie に保存
* nonce 検証・自身への切替防止・ユーザー削除時のクリーンアップを実装
* AUTH_KEY 系 SALT が未設定なら fail-closed で機能を無効化

= インストール =

1. プラグインを `wp-content/plugins/watrix-login-as-user/` にアップロード
2. WordPress 管理画面の「プラグイン」から有効化
3. 「ユーザー一覧」または個別のユーザー編集画面で「切り替え」を実行
4. 代理ログイン中は画面上部の赤いバーから元のアカウントに戻れます
