After beating myself over the head for the last weeks, I need to ask for some help. In theory this should be simple.
I am attempting to create a WordPress SSO for a custom Login System. When a user logs on to the WordPress Website ( or (changes the password or the email) it will fire up the SSO functions after the user has been validated by WordPress.
My question is which direct hook is correct to use for this task and what variable(s) are good to utilize for this task. When a guest logs into WordPress, successfully, it then uses the same credentials of the user to validate the Custom System Login.
function custom_login() {
//## Function used to 'Auto' Login to Custom if user is accepted from WordPress.
//## Check if user is signed on.
if ( !is_user_logged_in() ) {
//## User is Not Logged in, return 'false'
return;
}
//## Assign Varibles (is this too risky?)
//## Not sure if the $_POST['value'] will be the best way for this.
$NewUserCred_username = $_POST['log'];
$NewUserCred_password = $_POST['pwd'];
//## Fire up Custom Validation.
//## Will set Custom Session if Successful.
fireCustomLoginFunction($NewUserCred_username, $NewUserCred_password);
}
//## Maybe should run this during wp_signon or wp_login?
add_action( 'NOT SURE', 'custom_login' );
It would seem wp_signon is the one to use somehow as it contains credentials that I need to use to pass to the function before they are hashed, but at that time the user has not be validated. The custom system re-Hashes the Information for security.
My question is which direct hook is correct to use for this task and what variable(s) are good to utilize for this task. Any ideas? Any feedback is truly appreciated
🙂
try