Check account/login from external php application

[Triops]

There are several threads regarding word press login and similar., but I need something much more simple and did not found it, when searching:

Parallel to my current vB3 I have few own php applications / functions, which use the user accounts from vBulletin.
For this, users have to login within these applications. The login causes a call of a simple user.php and afterwards of a salt.php to verify the login against the vB database. Returned result is just "true" or "false", so the external application accepts the user as logged in or refuses him. If the check was successful, the application opens its own session for the user.

My question: is there something similar within XF core to check a login with xf-username/password or is there an addon for this functionality? Thanks for any input!

 

[Jeremy]

XenForo_Authentication has the functionality. You'll need to initialize XenForo tho.

 

[Triops]

Thanks Jeremy for hinting.
I now searched your posting history, furthermore all the forums and resources and help for "XenForo_Authentication", but I do not find a solution. I do have to guide my programmer (not xenforo but for my external php applications) to the solution on how to implement that user verification (checking username + password if its a valid combination -> grant access to external application), but I would not know how to guide him.

These threads is all I've found:
http://xenforo.com/community/thread...e-a-stock-controllerpublic.54720/#post-583607

That one sounds good, but its open ended as far as I understood:
http://xenforo.com/community/thread...t-my-needs-before-purchase.58560/#post-623312

Could someone please guide me to the usage of that class and how to access it from outside php to check a user login against the xenforo user database, please?

Thanks a lot in advance,
PyroM

 

[Triops]

Could someone please guide me to the usage of that class and how to access it from outside php to check a user login against the xenforo user database, please?

Anybody?
I would be willing to pay for implementing this as "addon"...

 

[tyteen4a03]

Can the external program access the XenForo files internally (i.e include())?

 

[Triops]

Actually those applications are on 2 different domains on 2 different physical servers. I would like to keep that for safety and performance reasons (the best server just for the forums, everything else external). If there is no, no, no way out I could put all on the best server, but still with different domains.

Does this info help, @tyteen4a03

 

[tyteen4a03]

Actually those applications are on 2 different domains on 2 different physical serves. I would like to keep that for safety and performance reasons (the best server just for the forums, everything else external). If there is no, no, no way out I could put all on the best server, but still with different domains.

Does this info help, @tyteen4a03

In your case, your best bet is to implement OpenID or OAuth2 on your wordpress sites and set the XenForo forum as the master, instead of reinventing the wheel.

 

[Triops]

Mmmmmh, that is bad news.
Its not regarding wordpress but own other php applications, but I think that does not matter. But as I do not know about what we are talking, its difficult to imagine.

Just to be clear:
the external applications do check at some occasions, if an user is a valid forums user. This has to be "hidden and convenient" for the users, so no third party login or similar is possible. The users just browse through the external php application and sometimes, here and there for special functions and interactions, the application checks if the user is valid and let him proceed - or not, if the return value of the username/passwort check is "false".

I understand that the solution probably should include() xf class and/or configuration files for using the XenForo_Authentication class within the forums domain. I do not understand what Jeremy've ment with "You'll need to initialize XenForo tho."

So, there should be a possibility to implement a small bridge (yes, probably reinventing the wheel) in one or few php files, located on the xf server and use XenForo_Authentication. Then allow a foreign domain/server to use those php files (for safety reasons these php files/functions should check the referer and allow only the known domain/IP, not foreign servers)

I think that is a way of the usercheck- and salt-php files, which check against the vBulletin user database. I am pretty sure this would work for xf too.

But how exactly, please?
And who would be willing to transparently implement such functions for me? I would be willing to pay.

 

[tyteen4a03]

What he meant is include() xf classes and set up XenForo_Application (and other classes).

OpenID and/or OAuth2 would still be your best bet. Check out [bd] API or XenAPI for OAuth, and Waindigo's Single Sign On addon for OpenID.

 

[ManOnDaMoon]

Some nice reading: http://xenforo.com/community/threads/how-to-create-a-bridge.28515/#post-332370
Summary & clarification: http://xenforo.com/community/threads/issue-with-code-events-in-a-bridge.45498/

With this, you'll be able to check if user is already logged in (XenForo_Visitor::hasInstance()) or to test a username/password combination with (XenForo_Model_User::validateAuthentication($nameOrEmail, $password, &$error = '')). These functions are documented in XF code.