Is it possible to use a WordPress session to authenticate to a CakePHP application?

What is the best way to use a successful WordPress sign-in attempt to authenticate to a CakePHP application? I don’t want to use password synchronization, if at all possible. I’d prefer to keep all of the user details within the WordPress database tables. I’ve been rolling this over in my mind this weekend and can’t think of a good solution. Any ideas?

Related posts

Leave a Reply

2 comments

  1. Sometimes it can’t be avoided, but hacking the core of an application that you will need to patch regularly is guaranteed to create tons of pain. I would suggest something like OPENID as an alternative.

    You can use this WordPress plug-in:
    http://wordpress.org/extend/plugins/openid/
    to allow OPENID logins in your WordPress blog.

    Then you need just need to install OPENID support into your CakePHP application authentication routine. Here is a tutorial I found:
    http://cakebaker.42dh.com/2008/02/06/new-version-of-the-openid-component/

  2. Assuming here that you’re talking about your own WordPress install, rather than hosted WordPress.

    If you’re WordPress savvy, you could hack the WP authentication mechanism. I bet you could call a Cakephp URL from within the WP auth method, posting the necessary login info to Cakephp. You’d also have to set your Auth mechanisms fields attribute, so that Cake::Auth would know to pull the user information from the WordPress database.

    It could work.