[wp-trac] [WordPress Trac] #21907: Allow custom errors on login when using XML-RPC
WordPress Trac
wp-trac at lists.automattic.com
Mon Sep 17 14:33:15 UTC 2012
#21907: Allow custom errors on login when using XML-RPC
-----------------------------+-----------------------------
Reporter: koke | Type: feature request
Status: new | Priority: normal
Milestone: Awaiting Review | Component: XML-RPC
Version: | Severity: normal
Keywords: mobile |
-----------------------------+-----------------------------
Currently, the code for login in XML-RPC does this:
{{{
$user = wp_authenticate($username, $password);
if (is_wp_error($user)) {
$this->error = new IXR_Error(403, __('Bad login/pass
combination.'));
return false;
}
}}}
So any custom error returned by wp_authenticate is thrown away and
replaced by a generic error
Our use case: we recently added Two Step authentication to WordPress.com.
The XML-RPC api needs to use an application specific password, since
there's no support for entering the auth code. When a user logs in with
the right username/password we need to return a specific error message
asking the user to login with an application specific password.
Other custom login systems may require specific error messages too
--
Ticket URL: <http://core.trac.wordpress.org/ticket/21907>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list