Drupal is a registered trademark of Dries Buytaert
drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)! drupal 11.3.6 Update released for Drupal core (11.3.6)! drupal 10.6.6 Update released for Drupal core (10.6.6)! cms 2.1.0 Update released for Drupal core (2.1.0)! bootstrap 8.x-3.40 Minor update available for theme bootstrap (8.x-3.40). menu_link_attributes 8.x-1.7 Minor update available for module menu_link_attributes (8.x-1.7). eca 3.1.1 Minor update available for module eca (3.1.1). layout_paragraphs 2.1.3 Minor update available for module layout_paragraphs (2.1.3). ai 1.3.3 Minor update available for module ai (1.3.3). ai 1.2.14 Minor update available for module ai (1.2.14). node_revision_delete 2.0.3 Minor update available for module node_revision_delete (2.0.3). moderated_content_bulk_publish 2.0.52 Minor update available for module moderated_content_bulk_publish (2.0.52). klaro 3.0.10 Minor update available for module klaro (3.0.10). klaro 3.0.9 Minor update available for module klaro (3.0.9). layout_paragraphs 2.1.2 Minor update available for module layout_paragraphs (2.1.2). geofield_map 11.1.8 Minor update available for module geofield_map (11.1.8).
← All modules

node_authlink

546 sites Security covered
View on drupal.org

Generates links for view, edit, or delete content without login.

Module maintains authorization key for every node and gives additional grants (view/edit/delete) to every user (anonymous too) who accesses page with correct key in URL. Module offers function node_authlink_get_url($node, $op = 'view') for generate absolute URL to selected operation (e.g. for e-mail notifications).

Authkeys are generated for every node (in configured content type) once for all operations. In content type form you can configure which operations to allow and automatic expiration of keys.

Limitations

Currently, the module decorates the "access_check.entity" to allow access if auth key is detected. This works well for viewing operations, but it can fail when editing or removing when other entities or permissions are involved. For example, editing nodes with media or with Content Moderation may fail.

This module works specially well to give access to content that's being moderated to people that don't even have a user in the site.

How to get keys?

Keys are stored in database, you can get them by these functions:

 131 /**
 132  * Loads key from NID.
 133  */
 134 function node_authlink_load_authkey($nid)

 140 /**
 141  * Get edit URL of specified node.
 142  * @param $node Node object or NID.
 143  * @param $op Operation to do with node. view, edit (default) or delete.
 144  */
 145 function node_authlink_get_url($node, $op = 'update')

If you want to use Rules (such as send auth URL to e-mail) you have to use PHP snippet with one of functions above.

Activity

Total releases
3
First release
Jan 2025
Latest release
5 months ago
Release cadence
139 days
Stability
100% stable

Release Timeline

Releases

Version Type Release date
2.2.1 Stable Nov 5, 2025
2.2.0 Stable Mar 27, 2025
2.1.0 Stable Jan 31, 2025