Login user with username only

Question

I have 2 scripts running in the same server: proXcore (root directory) and wordpress (sub-directory).

What I need to accomplish is: when the user logs into proXcore, the user gets automatically logged into wordpress. Same thing with the logout.

When a user signs into proXcore, it creates a $_SESSION['username'] variable with the username, indeed. So I am taking advantage of this to try to accomplish what I need. What I have so far in my functions.php of wordpress theme is:

function custom_login_wp_and_pxc() {

    // GET USER INFO. WE NEED THE ID!   
    $user = get_user_by( 'login', $_SESSION['username'] );

    // SET THE COOKIE!
    wp_set_auth_cookie( $user->ID, false, '' );

    // USER NEEDS TO RELOAD THE PAGE 2 TIMES
    // WE NEED TO FIND A FIX FOR THIS       
    // WE TRY THIS BUT IT DID NOT REDIRECTED PROPERLY
    //wp_redirect( home_url() );
    //exit;
}

// IF SESSION[USERNAME] EXISTS, THEN IT MEANS IT IS LOGGED IN INTO PROXCORE, 
// THEREFORE, LOG THE USER INTO WORDPRESS
if( isset( $_SESSION['username'] ) and !empty( $_SESSION['username'] ) ){
    // run it before the headers and cookies are sent
    add_action( 'after_setup_theme', 'custom_login_wp_and_pxc' );
}   
// IF SESSION[USERNAME] DOES NOT EXISTS, THEN IT MEANS IT IS NOT LOGGED IN INTO PROXCORE, 
// THEREFORE, LOG OUT THE USER FROM WORDPRESS
else {
    wp_logout();
}

It is working but with a little glitch. If I sign into proxcore, and then I visit the wordpress, I am not signed in at first, I need to visit some other page or post of wordpress. Just then, I see myself as logged in.

I need the user to be logged in at the first landing visit without needing to click somewhere else for the authentication to take effect.

I hope I make sense.

Is it the right code I am using here? Is is correct to put this code in the functions.php of the theme? Is there another way to accomplish this?

Thank for your help!

Answer 1

The after_setup_theme hook runs before WordPress authenticates the user so you may be setting the auth cookie too early. What about changing that to:

add_action( 'init', 'custom_login_wp_and_pxc' );

This will run after WordPress creates the user and tries to authenticate.

Answer 2

I made it work!

I am posting the code for if anybody sometime needs it.

Thank you everybody for your help and suggestions as you enlightening me to find the solution.

function custom_login_wp_and_pxc() {

    if( isset( $_SESSION['username'] ) and !empty( $_SESSION['username'] ) )
        $session_username = $_SESSION['username'];          
    elseif ( isset( $_SESSION['adminusername'] ) and !empty( $_SESSION['adminusername'] ) )
        $session_username = $_SESSION['adminusername'];

    // GET USER INFO. WE NEED THE ID!   
    $user = get_user_by( 'login', $session_username );

    // SET THE COOKIE!
    wp_set_auth_cookie( $user->ID, false, '' );
}

// IF SESSION[USERNAME] EXISTS, THEN IT MEANS IT IS LOGGED IN INTO PROXCORE, 
// THEREFORE, LOG THE USER INTO WORDPRESS
if( ( isset( $_SESSION['username'] ) and !empty( $_SESSION['username'] ) )
    or ( isset( $_SESSION['adminusername'] ) and !empty( $_SESSION['adminusername'] ) ) ){

    if(!is_user_logged_in()){   
        add_action( 'after_setup_theme', 'custom_login_wp_and_pxc' );
        wp_redirect( home_url() );
    }

}   
// IF SESSION[USERNAME] DOES NOT EXISTS, THEN IT MEANS IT IS NOT LOGGED IN INTO PROXCORE, 
// THEREFORE, LOG OUT THE USER FROM WORDPRESS
else {          
    wp_logout();

    if(is_user_logged_in())
        wp_redirect( home_url() );  
}