php curl request doesn't allow user to be logged in in another wordpress site

0
votes

I'm sending user objetc from site A (wordpress) to site B (wordpress). Now when site B accept the user data, it should login the user into site B.

the user is logged in site B, I checked using is_user_logged_in() and wp_get_currect_user. but at this point the url still shows siteA/wp-admin/admin-post. But after this I need to redirect to site B and the user must get logged in. This is the part I fail. Even if I use javascript hack to redirect to site B, redirection works but user is not logged in. please check my curl request and let me know.

site A

$opts = array(

        CURLOPT_CONNECTTIMEOUT => 10,
        CURLOPT_RETURNTRANSFER => false,
        CURLOPT_TIMEOUT => 60,
        CURLOPT_USERAGENT => 'from-site-a',
        CURLOPT_SSL_VERIFYPEER => False,
        CURLOPT_HTTPHEADER => array('Accept: application/json'),
        CURLOPT_POST => 1,
        // CURLOPT_HEADER => false,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_POSTFIELDS => http_build_query($user),
        CURLOPT_URL => $url
    );

    $ch = curl_init();

    curl_setopt_array($ch, $opts);

    $result = curl_exec($ch);

site B

    $user = $_POST;

    $a = get_user_by('login', $user['data']['user_login']);

    wp_set_current_user( $a->data->ID );
    wp_set_auth_cookie( $a->data->ID );
    do_action('wp_login', $a->data->user_login, $a);

   //wp_get_current_user();



    $string = '<script type="text/javascript">';
    $string .= 'window.location = "' . site_url() . '"';
    $string .= '</script>';

    echo $string;
    exit;
1
phpwordpresscurl

1 Answers

0
votes

You need to try PHP redirect instead of JavaScript. I guess you are using this script in a wrong place for JS script. So, try this

$user = $_POST;
$a = get_user_by('login', $user['data']['user_login']);
wp_set_current_user( $a->data->ID );
wp_set_auth_cookie( $a->data->ID );
do_action('wp_login', $a->data->user_login, $a);

header("location: ".site_url());
exit;

But i am afraid either this one may not work. If the current website is A, then redirect script should be executed there, not at B side. For example, side A should be so

$opts = array(
        CURLOPT_CONNECTTIMEOUT => 10,
        CURLOPT_RETURNTRANSFER => false,
        CURLOPT_TIMEOUT => 60,
        CURLOPT_USERAGENT => 'from-site-a',
        CURLOPT_SSL_VERIFYPEER => False,
        CURLOPT_HTTPHEADER => array('Accept: application/json'),
        CURLOPT_POST => 1,
        // CURLOPT_HEADER => false,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_POSTFIELDS => http_build_query($user),
        CURLOPT_URL => $url
    );

    $ch = curl_init();
    curl_setopt_array($ch, $opts);
    $result = curl_exec($ch);
    header("location:".$result);

And side be should be so

$user = $_POST;
$a = get_user_by('login', $user['data']['user_login']);
wp_set_current_user( $a->data->ID );
wp_set_auth_cookie( $a->data->ID );
do_action('wp_login', $a->data->user_login, $a);
echo site_url();