=== WindCodex SwitchGuard – Safe User Switching for WordPress & WooCommerce ===
Contributors: windcodex
Tags: user switching, switch user, login as user, user management, woocommerce
Requires at least: 6.0
Tested up to: 7.0
Stable tag: 1.0.0
Requires PHP: 8.1
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

One-click WordPress user switching with nonce protection, role hierarchy enforcement, and instant switch-back.

== Description ==

**WindCodex SwitchGuard** is the most secure free user-switching plugin for WordPress and WooCommerce. Switch into any lower-privilege user account in one click – no passwords, no account resets, no risk.

Whether you're a **support agent** reproducing a customer bug, a **WooCommerce store owner** checking an order as the buyer, or a **developer** testing member-only content, SwitchGuard gives you instant, safe access to any user account and brings you straight back when you're done.

🔒 **Security-first design.** Every switch is nonce-verified, role-hierarchy-enforced, and recorded in a signed session cookie. You can never switch into an equal-or-higher privilege account by mistake.

= ✅ Everything In The Free Version =

**One-Click Switching**
* Switch from the **Users list** with a single click
* Switch from any **user profile edit screen**
* Switch from **WooCommerce order screens** – jump straight into the customer's account
* **Admin bar quick search** – find any user by name or email and switch instantly

**Access Control**
* Switching is **disabled by default** – you opt in when you're ready
* Restrict switching to specific **WordPress roles** (e.g., only Shop Managers)
* Automatically blocks switching into **administrator accounts**
* Equal-or-higher privilege accounts are **always blocked** – no configuration needed
* Configurable **session duration** from 1 to 168 hours (default 48 h)

**Security**
* Every switch action protected by **WordPress nonces** (CSRF protection)
* Switch sessions stored in a **signed, HttpOnly cookie** – tamper-proof
* No passwords stored, logged, or transmitted – ever
* Full **multisite** support

**Switch Back**
* Prominent **Switch Back** button in the admin bar – always visible
* **Switch Off** to end the session and return to your original account
* Session expires automatically when the cookie TTL is reached

= 🚀 Who Uses SwitchGuard? =

* **WordPress agencies** – debug client accounts without password sharing
* **WooCommerce store owners** – investigate orders from the customer's perspective
* **Membership site admins** – verify what members see after plan changes
* **Help desk & support teams** – reproduce user-reported issues in seconds
* **Developers & QA teams** – test role-restricted content and functionality

= 🔐 How Is SwitchGuard Different From Other User-Switching Plugins? =

Most user-switching plugins simply swap the session – leaving you exposed to privilege escalation and session fixation. SwitchGuard was built from the ground up with a security-first approach:

* **Role hierarchy enforcement** – switch targets must have strictly lower privilege than the switcher
* **Explicit opt-in** – switching is off by default, not on
* **Signed cookie session** – the switch origin is HMAC-signed, not just stored in a plain cookie or database row
* **Nonce on every action** – switch, switch back, and switch off are all CSRF-protected
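
As an added illustration (not SwitchGuard's own code), this is one way an HMAC-signed switch-origin cookie with a signed expiry can be built and verified in PHP. The payload fields, the key, the `Secure`/`SameSite` attributes and the `sg_example_*` names are assumptions made for the example.

```php
<?php
declare(strict_types=1);
// Added example, not SwitchGuard's code. The payload fields, key and
// sg_example_* names are hypothetical.

/** Build "base64(json).hex(hmac)" recording who started the switch. */
function sg_example_sign(int $originId, int $targetId, int $ttlHours, string $key, int $now): string
{
    $ttlHours = max(1, min(168, $ttlHours)); // clamp to the documented 1-168 h range
    $payload  = ['origin' => $originId, 'target' => $targetId, 'exp' => $now + $ttlHours * 3600];
    $body     = base64_encode(json_encode($payload, JSON_THROW_ON_ERROR));
    return $body . '.' . hash_hmac('sha256', $body, $key);
}

/** Return the payload if signature and expiry check out, otherwise null. */
function sg_example_verify(string $cookie, string $key, int $now): ?array
{
    $parts = explode('.', $cookie);
    if (count($parts) !== 2) {
        return null;
    }
    [$body, $mac] = $parts;
    // Constant-time comparison, done before the payload is decoded or trusted.
    if (!hash_equals(hash_hmac('sha256', $body, $key), $mac)) {
        return null;
    }
    $data = json_decode((string) base64_decode($body, true), true);
    if (!is_array($data) || !is_int($data['origin'] ?? null)
        || !is_int($data['target'] ?? null) || !is_int($data['exp'] ?? null)) {
        return null;
    }
    return $now < $data['exp'] ? $data : null; // expiry lives inside the signed body
}

/** Persistent HttpOnly cookie as the readme describes; Secure and SameSite are assumptions. */
function sg_example_cookie_options(int $exp): array
{
    // Intended use: setcookie('sg_example', $cookie, sg_example_cookie_options($exp));
    return ['expires' => $exp, 'path' => '/', 'secure' => true,
            'httponly' => true, 'samesite' => 'Lax'];
}

// Constructed sample values.
$key    = 'constructed-demo-key-not-a-secret';
$now    = 1_700_000_000;
$cookie = sg_example_sign(1, 42, 48, $key, $now);
var_dump(sg_example_verify($cookie, $key, $now + 3600));        // one hour into a 48 h session
var_dump(sg_example_verify($cookie . '0', $key, $now + 3600));  // signature altered
var_dump(sg_example_verify($cookie, $key, $now + 49 * 3600));   // checked after the signed expiry
```

Because the expiry sits inside the signed body, editing the cookie's lifetime in the browser does not extend the session. A copied cookie is still accepted until that expiry unless the server also tracks and revokes switch sessions.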

= ⚡ How It Works =

1. Activate SwitchGuard and go to the **SwitchGuard** settings page in wp-admin.
2. Turn on **Enable User Switching** and configure who can switch.
3. Click **Switch To** next to any user in the Users list, profile screen, or WooCommerce order screen.
4. Work in the target account as needed.
5. Click **Switch Back** in the admin bar to return to your original account instantly.

= 📋 Requirements =

* WordPress 6.0 or higher
* PHP 8.1 or higher
* WooCommerce is **optional** – order-screen switching only appears when WooCommerce is active

== Installation ==

**From WordPress Dashboard (Recommended)**

1. Go to **Plugins > Add New Plugin**.
2. Search for **SwitchGuard**.
3. Click **Install Now**, then **Activate**.
4. Navigate to **SwitchGuard** in the left sidebar and configure your settings.

**Manual Installation**

1. Download the plugin `.zip` file.
2. Go to **Plugins > Add New Plugin > Upload Plugin**.
3. Upload the zip and click **Install Now**, then **Activate**.
4. Go to **SwitchGuard** in the left sidebar to configure.

== Frequently Asked Questions ==

= Is user switching safe? =

Yes – when done correctly. SwitchGuard protects every switch action with WordPress nonces (CSRF protection), enforces role hierarchy (you can only switch into lower-privilege accounts), and stores the session in a signed, HttpOnly cookie that cannot be tampered with or replayed.

= Does SwitchGuard store passwords? =

Never. SwitchGuard switches your WordPress session – no passwords are read, stored, logged, or transmitted at any point.

= Who can switch user accounts? =

By default, any user with the `edit_users` capability (typically Administrators). You can restrict this further to specific roles – for example, allowing only Shop Managers to switch – from the Access Control settings.

= Can I accidentally switch into an administrator account? =

No. SwitchGuard automatically blocks switching into any account with equal or higher privilege than the current user. The "Block switching into administrators" setting adds an extra explicit layer on top of this.

= Does it work with WooCommerce? =

Yes. When WooCommerce is active, a **Switch To Customer** button appears on order edit screens, letting you jump straight into the customer's account to reproduce checkout issues or verify order history.

= How do I switch back to my original account? =

The admin bar always shows a **Switch Back** button during an active switch session. Click it to instantly return to your original account. You can also click **Switch Off** to end the session entirely.

= Does the switch session expire automatically? =

Yes. The switch session is stored in a cookie with a configurable TTL (default 48 hours, adjustable from 1 to 168 hours). When the cookie expires, the session ends automatically.

= Does SwitchGuard work on WordPress multisite? =

Yes. SwitchGuard is fully compatible with WordPress multisite networks.

= What happens if I close the browser during a switch session? =

The switch session is stored in a persistent cookie (not a session cookie), so it survives browser restarts until the TTL you configured expires. Once expired, the session ends and you will need to log in again.

= Is this plugin compatible with 2FA or membership plugins? =

SwitchGuard bypasses the login form entirely, so it works naturally alongside most 2FA and membership plugins. If a plugin enforces its own session validation on every page load, there may be edge cases – check the compatibility notes or contact support.

= How is this different from other user-switching plugins? =

SwitchGuard adds: explicit opt-in requirement (off by default), role hierarchy enforcement (not just capability checks), HMAC-signed session cookies (not plain database rows), and nonce protection on every action. It also integrates directly with WooCommerce order screens and includes an admin-bar quick-search switcher.

== Screenshots ==

1. **Users list** – Switch To link next to each user row.
2. **Admin bar** – Quick user search, Switch Back, and Switch Off controls.
3. **Settings page** – Access Control, Integration Points, and session duration settings.
4. **WooCommerce order screen** – Switch to Customer button on order edit pages.

== Changelog ==

= 1.0.0 =
* Initial release.
* One-click user switching from Users list, profile, and WooCommerce order screens.
* Admin bar quick user search (name/email) with instant switch.
* Explicit opt-in, role-based access control, and session duration settings.
* Role hierarchy enforcement – equal-or-higher privilege targets blocked automatically.
* Signed HttpOnly session cookie with configurable TTL (1–168 hours).
* CSRF-protected switch, switch-back, and switch-off actions.
* Multisite compatible. Translation-ready.

== Upgrade Notice ==

= 1.0.0 =
Initial release. No upgrade steps required.
