External app Login using Wordpress login credentials

0
votes

I am building a php application for which user needs to login first

and those login credentials will be same as wordpress login credentials

I am trying to connect the application with wordpress database table 'users' where we have 'user_login' and 'user_pass' and the problem for me is column 'user_pass' is encrypted with a prefix '$S$B' and I came to know that wordpress uses one side md5 encryption method which can not be decrypted . . .

now I want to validate password for my external application

I tried using this 

$password = clean($_POST['password']);
$pass = "$P$B" .md5($password);

but this didn't work

can anyone please help me

1
phpmysqlwordpressencryptionmd5

1 Answers

1
votes

AS far I am a ware wp use the function wp_hash_password($passowrd) to encrypt password. Please check the function:

/**
 * Create a hash (encrypt) of a plain text password.
 *
 * For integration with other applications, this function can be overwritten to
 * instead use the other package password checking algorithm.
 *
 * @since 2.5
 * @global object $wp_hasher PHPass object
 * @uses PasswordHash::HashPassword
 *
 * @param string $password Plain text user password to hash
 * @return string The hash string of the password
 */
function wp_hash_password($password) {
    global $wp_hasher;

    if ( empty($wp_hasher) ) {
            require_once( ABSPATH . 'wp-includes/class-phpass.php');
            // By default, use the portable hash from phpass
            $wp_hasher = new PasswordHash(8, TRUE);
    }

    return $wp_hasher->HashPassword($password);
}

Follow the function HashPassword($password); Try to use the login API from WordPress in you application.