I came across a post on WP Recipes about programmatically logging users in, but it seemed like a flawed approach because it duplicated parts of Core’s internals rather than using the API.
So, I can up with my own version:
I came across a post on WP Recipes about programmatically logging users in, but it seemed like a flawed approach because it duplicated parts of Core’s internals rather than using the API.
So, I can up with my own version:
Found this the other day and implemented it on a site. It seemed to worked great, but there is one weird behavior I’m seeing. If, after I’ve logged the user in programmatically per your code above, and then open a new tab and go directly to http://www.websitename.com/wp-admin (which then redirects to wp-login.php…) it doesn’t recognize the programmatic login and shows me the login form instead. Additionally, navigating to the wp-login page directly also clears out the authentication of my “logged in” tabs.
Any idea why this is happening? I like the fact that you’ve used the new wp_signon function to accomplish the programmatic login, but something still isn’t working correctly or this wouldn’t be happening. Can you verify this behavior?
Thanks.
Dan
Ended up being some database corruption. Grumble. Code works great.
Thanks!
I am having a similar problem as ProgrammerDan,
I placed this code in my functions.php.
The user can login to the page I call the function on , but they can’t access wp-admin, and don’t register as signed in on any other pages.
Any thoughts on why?
Hm… Am I understanding this properly?
Even though this function has a var for the $password:
function allow_programmatic_login( $user, $username, $password )
You’re filtering it:
add_filter( ‘authenticate’, ‘allow_programmatic_login’, 10, 3
Then right after you’ve removed it.
So the notes says
To avoid potential security vulnerabilities, this should only be used in the context of a programmatic login, and unhooked immediately after it fires.
But your code does unhook it? Or is another unhooking necessary?
Second question/ point of clarification – this script can’t yet add a user if that user doesn’t exist.
That could be added in, instead of the return; false – any tips on how to add the user, then re-run the function so the added user gets logged in?
This is for a single sign on project – the sign on already exists, I’m guessing I just get back a TRUE or FALSE if the user is authenticated – so I’m looking to fire this script on TRUE – but there will be many cases where the user has credentials in the single sign on – but won’t yet exist in the WordPress they are getting programmatically logged into.
Thanks for posting!
Where to place this code to get login automatically?
Have you found the answer?
Wordpress User Programmatically Logga In - SwedenSpace
WordPress User Programmatically Logga In – Sweden Logga In