I have got Trac installed as a subset of a larger website. Ideally I'd like to be able to log users into trac from the main site without having to use the trac interface itself. The main site is implemented in PHP on IIS. Additionally if the user is logged in via Trac then I'd like to be able to offer access to other features from some of the PHP pages based upon the user privileges.
Authentication uses an htpasswd file in trac and being able to administrate users via the trac interface is useful. Additionally the same user/pass would be used for subversion as this can use the htpasswd file. I can't use this with IIS to do the login via a virtual path and authentication role. I don't want to use LDAP/ActiveDirectory
It would be nice to be able to implement a login page in PHP that actually logs the user into Trac. However I an unsure how I would add an appropriate __FORM_TOKEN field in the PHP page. It would be fine to use the trac login page itself but after logging in, it goes to the trac wiki home page rather than the referer that I set in the form data if it is not a sub-url of the trac part of the site.
Also it would be handy to be able to query permissions for the user currently logged into trac from PHP. Presumably this is possible via the sqlite database, but how do I know who the current user is?
