When to load auto-login code?

0 Views

I’m using this (simplified) code to automatically login users via a plugin for a single sign-on system: 

$user_info = get_userdatabylogin( $username );
$user_id = $user_info->ID;
wp_set_current_user( $user_id );
wp_set_auth_cookie( $user_id );
do_action( 'wp_login', $username );

Many code snippets that I’ve found online will bind this code to the init action. When using init, I’m having some trouble with the timing of elements loading on the page. For example, the user toolbar only appears on the second page load while the Log In meta link changes to Logout on the first. It seems that some elements are loading before the user session is setup.

Read More

When should I load this code? Looking at http://codex.wordpress.org/Plugin_API/Action_Reference, is plugins_loaded the best time?

Thanks,
Mike

Post Views: 0

Related posts

Leave a Reply

1 comment

  1. I ended up using the ‘plugins_loaded’ action or state from http://codex.wordpress.org/Plugin_API/Action_Reference:

    In my main plugin file I have:

    include_once( 'lib/class-my-auth.php' ); // your class file here
add_action( 'plugins_loaded', 'My_Auth::auto_login' );

    In lib/class-my-auth.php:

    <?php

class My_Auth {

    private static $successfully_connected_Main_to_WP = false;

    public static function auto_login() {

            $username = ...; // Integrate with main site to get username from active session

            // Check if WP user is logged in
            if ( is_user_logged_in() ) {

                // Get current WP user
                $current_wp_user = wp_get_current_user();

                // Logout if the current WP user is different than the main site user
                if ( strToLower( $username ) !== strToLower( $curren_wp_user->user_login ) ) {
                    self::logout_of_wp();
                } else {
                    self::$successfully_connected_Main_to_WP = true;
                }

            }

            // If a connection b/w main site & WP has not been established, login if possible
            if ( ! self::$successfully_connected_Main_to_WP && $user_info = get_userdatabylogin($username) ) {

                $user_id = $user_info->ID;

                if ( $user_id > 0 ) {
                    wp_set_auth_cookie( $user_id );
                    wp_set_current_user( $user_id );
                    self::$successfully_connected_Main_to_WP = true;
                }

            }

        }

        // If no connection b/w main site & WP was established, and the user is
        // logged in, logout.
        if ( ! self::$successfully_connected_Main_to_WP && is_user_logged_in() ) {
            self::logout_of_wp();
        }

    }

    private static function logout_of_wp() {

        // Clear the auth cookie, and do other stuff
        wp_clear_auth_cookie();
        do_action('wp_logout');

        // Unset the current user
        wp_set_current_user(0);

    }

}