All geek questions in one place

Wordpress User Authentication Process

I am creating a wordpress system where I want to authenticate users from an external source instead of wordpress DB. I use the wsdl service to communicate with an external database, and I get the correct user information based on their credentials. However, I do not understand how to continue the result. Someone please help me.

Below are the steps that I have taken so far

Created custom function in pluggable.php and call it in user.php

 function wp_authenticate_username_password($user, $username, $password) { if ( is_a($user, 'WP_User') ) { return $user; } if ( empty($username) || empty($password) ) { if ( is_wp_error( $user ) ) return $user; $error = new WP_Error(); if ( empty($username) ) $error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.')); if ( empty($password) ) $error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.')); return $error; } //$user = get_user_by('login', $username); /*Replaced it with the below*/ $user = validate_ep($username,$password); echo "<pre>"; print_r($user); /*Produces the result in step 3*/ echo "</pre>"; exit;

Custom function in pluggable.php that links to my external db

 function validate_ep($username, $userpwd) { $wsdl = "my web service path"; $client = new SoapClient($wsdl); //(Parameter is the wsdl file in which the services are written. $newObj = new stdClass; $user_name = ucfirst($username); $user_pwd = md5($userpwd); $display_type = 'wp'; try { $result = $client->log_process(array(0 => $user_name, 1 => $user_pwd, 2 => $display_type)); if ($result==FALSE) return FALSE; foreach($result->item as $key=>$valObj) { if(!is_numeric($valObj->key)) { $newObj->{$valObj->key} = $valObj->value; } } /*$actual = unserialize(base64_decode($result));*/ if (count($result) > 0) { $user = new WP_User; $user->init($newObj); return $user; } } catch (SoapFault $exp) { //print_r( $exp->getMessage()); } return false; }

Web Service Returned Result

 WP_User Object ( [data] => stdClass Object ( [id] => ID [organization] => ID [login] => UserName [password] => *** [name] => Name ) [ID] => 0 [caps] => Array ( ) [cap_key] => wp_capabilities [roles] => Array ( ) [allcaps] => Array ( ) [filter] => )

Someone please help what can I do after these steps.

+6
source share
1 answer

I would advise you not to modify WordPress core files in the same way as for user.php , since it will be overwritten after updating the WordPress core. Instead, I suggest moving on to the next article:

WordPress Replace Integrated User Authentication

The video ad also has an explanation.

I add only a summary below:

What to consider when replacing integrated authentication

WordPress is heavily dependent on the embedded user system. Because of this, there are many links to users in the WordPress database that are made. While this is a bit annoying, it's still pretty simple to get around these limitations.

WordPress requires that the real user (WordPress user) be present in the WordPress database to perform operations on this user. Fortunately, WordPress has a feature for creating, managing, and deleting users. Therefore, when we create our service, we will actually perform the following steps, which should be fairly authentic types of agnostics:

  • User Authentication through an Alternative Method
    • If an invalid user displays an invalid login message
    • If a valid user
      • Check if the user exists in the WordPress user table.
      • If a user loads and returns user data in a WP_User object
      • If the user does not exist
        • Automatically create a new user from user information of the alternative authentication service
        • After creating a custom load and returning user data to the WP_User object
+10
source

Source: https://habr.com/ru/post/957877/

More articles:


All Articles