[wp-hackers] User Authentication
Matt Mullenweg
m at mullenweg.com
Sat Jun 19 03:17:06 UTC 2004
I feel like that thread has gotten totally out of control. For the people
wanting to authenticate against WP, there seem to be two camps:
I WANT AN EASY WAY TO HAVE MEMBERS-ONLY PAGES
Just require('/path/to/wp-admin/auth.php'). No, really.
I WANT A KEYWORD-HEAVY WAY TO AUTHENTICATE AGAINST WORDPRESS
http://www.blogger.com/developers/api/1_docs/xmlrpc_getUserInfo.html
No need to reinvent the wheel here. There is also these people:
I WANT TO REPLACE THE WORDPRESS LOGIN SYSTEM WITH SOMETHING ELSE
This is where we could improve. I suggest two functions:
wp_username($username) returns user ID or false if username not found
wp_login($username, $password) returns true or false
The reason to have two is because I'd like to customize the error message
depending on if the account exists or not. Internally we just use a
function_exists call to allow people to overwrite these functions in
auth.php, wp-login.php, and the XML-RPC interaface so you could write say
an IMAP plugin that authenticated against an IMAP server, or an LDAP
plugin, or an Allow Everybody In plugin, whatever.
--
Matt Mullenweg
http://photomatt.net | http://wordpress.org
http://pingomatic.com | more soon...
More information about the hackers
mailing list