• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Check account/login from external php application

Triops

Active member
#1
There are several threads regarding word press login and similar., but I need something much more simple and did not found it, when searching:

Parallel to my current vB3 I have few own php applications / functions, which use the user accounts from vBulletin.
For this, users have to login within these applications. The login causes a call of a simple user.php and afterwards of a salt.php to verify the login against the vB database. Returned result is just "true" or "false", so the external application accepts the user as logged in or refuses him. If the check was successful, the application opens its own session for the user.

My question: is there something similar within XF core to check a login with xf-username/password or is there an addon for this functionality? Thanks for any input!
 

Triops

Active member
#3
Thanks Jeremy for hinting.
I now searched your posting history, furthermore all the forums and resources and help for "XenForo_Authentication", but I do not find a solution. I do have to guide my programmer (not xenforo but for my external php applications) to the solution on how to implement that user verification (checking username + password if its a valid combination -> grant access to external application), but I would not know how to guide him.

These threads is all I've found:
http://xenforo.com/community/thread...e-a-stock-controllerpublic.54720/#post-583607

That one sounds good, but its open ended as far as I understood:
http://xenforo.com/community/thread...t-my-needs-before-purchase.58560/#post-623312

Could someone please guide me to the usage of that class and how to access it from outside php to check a user login against the xenforo user database, please?

Thanks a lot in advance,
PyroM
 

Triops

Active member
#4
Could someone please guide me to the usage of that class and how to access it from outside php to check a user login against the xenforo user database, please?
Anybody?
I would be willing to pay for implementing this as "addon"...
 

Triops

Active member
#6
Actually those applications are on 2 different domains on 2 different physical servers. I would like to keep that for safety and performance reasons (the best server just for the forums, everything else external). If there is no, no, no way out I could put all on the best server, but still with different domains.

Does this info help, @tyteen4a03
 

tyteen4a03

Well-known member
#7
Actually those applications are on 2 different domains on 2 different physical serves. I would like to keep that for safety and performance reasons (the best server just for the forums, everything else external). If there is no, no, no way out I could put all on the best server, but still with different domains.

Does this info help, @tyteen4a03
In your case, your best bet is to implement OpenID or OAuth2 on your wordpress sites and set the XenForo forum as the master, instead of reinventing the wheel.
 

Triops

Active member
#8
Mmmmmh, that is bad news.
Its not regarding wordpress but own other php applications, but I think that does not matter. But as I do not know about what we are talking, its difficult to imagine.

Just to be clear:
the external applications do check at some occasions, if an user is a valid forums user. This has to be "hidden and convenient" for the users, so no third party login or similar is possible. The users just browse through the external php application and sometimes, here and there for special functions and interactions, the application checks if the user is valid and let him proceed - or not, if the return value of the username/passwort check is "false".

I understand that the solution probably should include() xf class and/or configuration files for using the XenForo_Authentication class within the forums domain. I do not understand what Jeremy've ment with "You'll need to initialize XenForo tho."

So, there should be a possibility to implement a small bridge (yes, probably reinventing the wheel) in one or few php files, located on the xf server and use XenForo_Authentication. Then allow a foreign domain/server to use those php files (for safety reasons these php files/functions should check the referer and allow only the known domain/IP, not foreign servers)

I think that is a way of the usercheck- and salt-php files, which check against the vBulletin user database. I am pretty sure this would work for xf too.

But how exactly, please?
And who would be willing to transparently implement such functions for me? I would be willing to pay.
 

tyteen4a03

Well-known member
#9
What he meant is include() xf classes and set up XenForo_Application (and other classes).

OpenID and/or OAuth2 would still be your best bet. Check out [bd] API or XenAPI for OAuth, and Waindigo's Single Sign On addon for OpenID.
 

ManOnDaMoon

Well-known member
#10