wordpress 3.9 удаленный токен auth

Я нашел здесь следующий код

<?php /* Plugin Name: Remote Login Description: Log into the site with creds that work on remote site (as defined in plugin). The remote site must have XML-RPC enabled. Author: Kailey Lampert Author URI: http://kaileylampert.com/ THIS IS NOT COMPLETE - DO NOT USE IN PRODUCTION The remote site (defined below in $server) is the "master" site. All active users on the master site can log in this site with their "master" credentials "this site" means the site this plugin is installed on :) When they log in a "ghost" users is created. This user is not destroyed. Ideally they'd self-delete after some amount of time to make sure we don't have unneeded users sticking around... If the user already exists, a new password will be created each time it is logged in. "ghost" users are always admins, even if the master user isn't. This needs to be fixed. */ new Remote_Login(); class Remote_Login { //this should be your remote site var $server = 'demo.trepmal.com'; //has public credentials demo:demo for testing //demo.trepmal.com resets periodically, so the XML-RPC option may be off by the time you use this //that's a good thing, else anyone could log into this site with demo:demo function __construct() { add_filter( 'authenticate', array( &$this, 'auth' ), 10, 3 ); } function auth( $user, $username, $password ) { if ($username == 'demo') { //if username is 'demo'. may change this to check for special username prefix or something... //try it against remote server if ( ! $this->remote_login_check( $this->server, $username, $password )) return $user; //if it worked, setup new user $username = 'prefix_'.$username; //prefix the "ghost" user's username $password = wp_generate_password( 16, true ); //if user already exists, change the password if ( $user_id = username_exists( $username ) ) { wp_set_password( $password, $user_id ); $user = new WP_User( $user_id ); } else { //else create the user $user_id = wp_create_user( $username, $password ); } //authenticate them $user = wp_authenticate( $username, $password ); //make sure it has correct role $user->set_role('administrator'); //we should be fetching the "master" user's role, and using that instead of always administrator } return $user; } function remote_login_check( $server, $username, $password ) { require_once( ABSPATH . '/wp-includes/class-IXR.php' ); $client = new IXR_Client( esc_url( $server ) .'/xmlrpc.php' ); //test query, see if creds work //todo: instead of wp.getOptions, get user so we can give the "ghost" a better role if ( ! $client->query( 'wp.getOptions', '', $username, $password, 'blog_title' ) ) { //return $client->getErrorMessage(); return false; echo 'Error occured during the request.<br />' . $client->getErrorCode() . ': ' . $client->getErrorMessage(); } else { //return $client->getResponse(); return true; printer( $client->getResponse() ); } } } if ( ! function_exists( 'printer') ) { function printer( $input ) { echo '<pre>' . print_r( $input, true ) . '</pre>'; } } 

источник

В настоящее время удаленная аутентификация основана на токенах. Поэтому, когда пользователь регистрируется в токене, генерируется проверка пользователя. Я не сталкивался с какой-либо хорошей документацией по внедрению удаленной аутентификации с помощью WordPress. Есть ли хорошие примеры кода или учебные пособия при этом.

Solutions Collecting From Web of "wordpress 3.9 удаленный токен auth"