# Epic OTP Login **Status:** Prepared for storefront owner review only. Do not publish automatically. **Version audited:** 0.1.2 **Product card pricing:** Pricing pending owner review ## Tagline Add passwordless email OTP login with single-use hashed codes, rate limits, and WooCommerce-ready hooks. ## Short description Passwordless OTP login foundation with request and verify shortcode flow, hashed single-use transient storage, non-enumerating responses, rate limiting, settings, and broker-ready license/update guardrails. ## Best for WordPress membership sites, WooCommerce stores, service portals, agencies, and developers that want passwordless email-code login flows. ## Buyer-facing headline Let customers sign in with a one-time email code while keeping OTP storage hashed, single-use, and rate-limited. ## Feature list - Owner-review passwordless email OTP flow for WordPress and WooCommerce login surfaces - `[epic_otp_login]` request and verification shortcode with separate email and code steps - Hashed single-use OTP transient storage with expiry and deletion after successful verification - Rate limiting per email/IP plus non-enumerating responses to reduce account-discovery risk - Auth-cookie login for matching WordPress users after successful code verification - Admin settings for code expiry, code length, success redirect, and attempt-log foundation - Broker-ready license activate/validate/deactivate handlers and native update guardrails ## Proof and trust notes - Owner-review QA passed PHP lint, JavaScript syntax checks, plugin smoke tests, SDK smoke tests, and a local include/activation/admin harness. - Storefront asset review matched shortcode, hashed OTP, rate-limit, WooCommerce hook, license SDK, and owner-review ZIP evidence. - Package manifest keeps status as owner-review artifacts only; not published and not sale-ready. ## Visual references - Product-page mockup: `assets/images/product-mockups/epic-otp-login-mockup.svg` - Visual asset notes: `visual-assets.md` ## Pricing tiers See `pricing-table.md`. Prices are product-specific; tiers without owner-approved values are marked pending owner review. ## Verification snapshot - PHP lint: PASS (10 PHP files checked) - JavaScript syntax: PASS (2 JS files checked) - JSON parse: PASS (2 JSON files checked) - Package ZIP: D:\EpicWorks\Plugins\builds\epic-otp-login-0.1.2-owner-review.zip - ZIP integrity: PASS - Licensing/update source evidence: PASS (118 license signals, 9 update-hook/updater signals) ## Publication guardrails Owner review is required before public publication, checkout enablement, sale-ready classification, or production promotion.