[wp-hackers] Querying OAuth protected service during 'wp_login'

Otto otto at ottodestruct.com
Wed Dec 5 16:19:45 UTC 2012

On Wed, Dec 5, 2012 at 5:06 AM, fkooman at tuxed.net <fkooman at tuxed.net> wrote:
> There seems to be a problem here: the user is no longer logged in
> automatically after returning from the OAuth server redirect,

Are you redirecting the user's browser to do authentication? Because
you can't do that in an authenticate action, the login credentials
won't be there when they come back.

The authenticate action happens *every* request, not just on the login
screen or something like that. It should go get the information from
wherever without extra user interaction. If you need to send them
elsewhere and back, then you need to do that before authenticate, in
which case wp-login or something might be preferred.


More information about the wp-hackers mailing list