XF 2.2 Authenticating to XF from standalone php app

chris p

Member
Hello. Is there a recommended way to allow a standalone php application, running on the same server as our XF instance, to use the authentication from the XF user database?

We have an application we want to carry forward to the new forum site, but it has no relationship to the forums (separate database schema). As it is a data entry application, we would like to only permit access to our XF users. In the past, this application looked for the presence of the phpbb2 login cookie which was extremely easy to circumvent of course. I would like to shirttail this application onto the XF instance for authentication purposes. I had considered making it an addon, but it really has nothing to do with XF and that seems like I'd be creating a more complex support issue for those who have to maintain it. I presume that people may have addressed this with wordpress and other applications and wondered how.
 
Solution
In theory, you can load XF inside your application and authenticate. If loading XF isn't easy due to code conflicts, you can use the authentication code from the XF codebase inside your app, and authenticate against the XF database. In practice, your programmer may have to iron out a few issues for this to work properly.

It's probably smarter to just use the XF API to test a username and password for validity: https://xenforo.com/community/pages/api-endpoints/#route_post_auth_

You can call the API with curl and authenticate the users based on the response.
In theory, you can load XF inside your application and authenticate. If loading XF isn't easy due to code conflicts, you can use the authentication code from the XF codebase inside your app, and authenticate against the XF database. In practice, your programmer may have to iron out a few issues for this to work properly.

It's probably smarter to just use the XF API to test a username and password for validity: https://xenforo.com/community/pages/api-endpoints/#route_post_auth_

You can call the API with curl and authenticate the users based on the response.
 
Last edited:
Solution
In theory, you can load XF inside your application and authenticate. If loading XF isn't possible due to code conflicts, you can use the authentication code from the XF codebase inside your app, and authenticate against the XF database. In practice, your programmer may have to iron out a few issues for this to work properly.

It's probably smarter to just use the XF API to test a username and password for validity: https://xenforo.com/community/pages/api-endpoints/#route_post_auth_

You can call the API with curl and authenticate the users based on the response.
Thank you very much. I wasn't aware of the API. It sounds like exactly what I need.
 
Back
Top Bottom