Gated Content
Quickstart guide for offering access to certain areas of your Wordpress site to NFT holders only.
This guide uses Cloudflare Workers and Wordpress (with the Content Control plugin) but the concept can be adapted to any CMS or website.
In this guide we'll show you how to use Verify to restrict certain areas of your Wordpress website to users who own your NFT. We'll be using the Content Control plugin, but you can use any plugin which allows you to restrict access to pages or posts depending on the user's role.
Theory
Below is a high-level overview of how this solution works.
Create a Wordpress role (e.g
nft_holder
) which will be required to view gated contentWhen a user clicks on the a gated post without the required role they'll be taken to a page with the Verify SDK
We'll use the
user
option to provide the current user ID and a HMAC signature to the verify request. A signature is used here to prevent the user tampering with their ID before completing verification.After completing verification we receive a signed object with result, which includes the user ID we provided. This entire object can be trusted, including the user ID, thanks to the signature from Step 3.
We send this object to a Cloudflare Worker, which verifies the signature and adds the
nft_holder
role to the user if they own the NFTUser is redirected back to the gated post they originally requested
Once the user has verified their NFT once, they'll have instant access to all future posts without verifying again.
You could extend this example by also adding an expiration time to the user metadata in Step 5, and registering a wp_cron
which removes the role from expired users. This would require users to re-verify ownership periodically.
Set up role-based access
Lorem ipsum
Last updated