bypassing XF auth using custom cookie?

Colosus

Colosus

Member
i'm looking to setup a XF install which respects my existing application's authentication.

my goal is to have the user never, ever login to XF directly but instead login to my application and have XF use the session cookie i create to figure out who they are.

are there any examples of this behavior i can use as a base? what files should i look to edit in XF in order to bypass the built-in auth and read my custom cookie for session info?

thanks!
 
Colosus said:
i'm looking to setup a XF install which respects my existing application's authentication.

my goal is to have the user never, ever login to XF directly but instead login to my application and have XF use the session cookie i create to figure out who they are.

are there any examples of this behavior i can use as a base? what files should i look to edit in XF in order to bypass the built-in auth and read my custom cookie for session info?

thanks!
Click to expand...
Sounds like you are trying to do a bridge..

hmm... I think instead of trying to get xenforo to use your app's cookie, should be the way around, try to get your app to work xenforo's cookie. But this is just to answer your question. There are different ways to share session, you could include the xf's initiation code and try to mimic user's login, or also using curl.. I haven't done any bridges for xenforo as of yet, but these are the general methods for bridges.
 
You must log in or register to reply here.

Similar threads

yar
Not a bug remember_cookie from /api/auth/from-session and xf_user cookie
Replies
4
Views
429
yar
yar
C
  • Solved
XF 2.2 Authenticating to XF from standalone php app
Replies
2
Views
248
chris p
C
Tohru
XF 2.2 Use XF session to verify via curl
Replies
0
Views
512
Tohru
Tohru
L
XF 2.2 Xenforo Login Issues
Replies
0
Views
258
leebo
L
T
XF 2.2 Using XenForo as authentication for other subdomains
Replies
6
Views
2K
techguy12
T
Top Bottom