[wp-hackers] overriding pluggable.php functions

[Otto]

On Sat, Jan 10, 2009 at 4:36 AM, Will Norris <will at willnorris.com> wrote:
> in the case of wp_authenticate(), it is expected to return either null or an
> WP_User object.  We begin by passing in null.  If any of the filter
> implementations are able to authenticate the user by whatever means, all
> they need to do is return a new WP_User object.  Otherwise, they just return
> what they were originally passed in.  If no filter function is able to
> authenticate the user, then null ends up being returned.

Hah. I like this much better.  Instead of calling wp_authenticate in
the code anywhere, we hook it to a filter. Then you say that every
authentication function needs to hook into that filter and have code
like if ($value !== null) return $value; right at the top of the
function. That way, if somebody authenticated already, it bypasses the
rest and falls on through. You can use the priority of the filter to
determine the order of authentication attempts.

-Otto