[wp-hackers] Exemplary code for web single sign-on plugin

[Ryan McCue]

Otto wrote:
> You don't need to handle the cookie parts yourself. Using the
> "authenticate" filter correctly will do it for you.

>From my own experience, simply filtering authenticate is *not* enough.
The cookie check will happen before authenticate gets called in some
cases, and cause the user to be logged out.

I had to work around this:
https://github.com/rmccue/WordPressOAuthProvider/commit/4b779059fd352c9086aef31b6b3c817ea3229388

It may be the case that I was doing this incorrectly, but a simple
filter on authenticate wasn't enough for me.
-- 
Ryan McCue
<http://ryanmccue.info/>