Skip to content

Instantly share code, notes, and snippets.

@stephenafamo
Forked from iandunn/programmatic_login.php
Created July 9, 2016 09:30
Show Gist options
  • Save stephenafamo/7d8346466a60afb0943bce443010cbe3 to your computer and use it in GitHub Desktop.
Save stephenafamo/7d8346466a60afb0943bce443010cbe3 to your computer and use it in GitHub Desktop.
Programmatically log in a WordPress user
/**
* Programmatically logs a user in
*
* @param string $username
* @return bool True if the login was successful; false if it wasn't
*/
function programmatic_login( $username ) {
if ( is_user_logged_in() ) {
wp_logout();
}
add_filter( 'authenticate', 'allow_programmatic_login', 10, 3 ); // hook in earlier than other callbacks to short-circuit them
$user = wp_signon( array( 'user_login' => $username ) );
remove_filter( 'authenticate', 'allow_programmatic_login', 10, 3 );
if ( is_a( $user, 'WP_User' ) ) {
wp_set_current_user( $user->ID, $user->user_login );
if ( is_user_logged_in() ) {
return true;
}
}
return false;
}
/**
* An 'authenticate' filter callback that authenticates the user using only the username.
*
* To avoid potential security vulnerabilities, this should only be used in the context of a programmatic login,
* and unhooked immediately after it fires.
*
* @param WP_User $user
* @param string $username
* @param string $password
* @return bool|WP_User a WP_User object if the username matched an existing user, or false if it didn't
*/
function allow_programmatic_login( $user, $username, $password ) {
return get_user_by( 'login', $username );
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment