admin管理员组文章数量:1425742
I have one website in WordPress but I need to create another in other framework (ASP.NET).
I want to give users the ability to login with the same login and password to second website without the need to create account once again.
How to calculate the password hash outside WordPress? I want to generate hash in my second website, then connect to WordPress database and authenticate user. So it should work without WordPress help, only direct connection to the database.
I tried WordPress password hasher, but every time it gives me another hash. Why it is not deterministic like SHA?
I don't also see any password salt here.
I have one website in WordPress but I need to create another in other framework (ASP.NET).
I want to give users the ability to login with the same login and password to second website without the need to create account once again.
How to calculate the password hash outside WordPress? I want to generate hash in my second website, then connect to WordPress database and authenticate user. So it should work without WordPress help, only direct connection to the database.
I tried WordPress password hasher, but every time it gives me another hash. Why it is not deterministic like SHA?
I don't also see any password salt here.
Share Improve this question edited Aug 22, 2017 at 22:14 Johansson 15.4k11 gold badges43 silver badges79 bronze badges asked Aug 22, 2017 at 21:37 Some OneSome One 212 bronze badges 2- Without seeing the code for that site it's not possible to say, but, it's probably intentionally adding a random salt. Have you considered other alternatives? Such as OAuth, or sharing the cookie and redirecting to WordPress for logins? – Tom J Nowell ♦ Commented Aug 22, 2017 at 21:46
- You can create proxy script as API loading wordpress and checking your password – Anton Lukin Commented Aug 22, 2017 at 22:09
1 Answer
Reset to default 1While the answer to your question could be long and complex, but since you are developing another website using ASP, I assume you know how to integrate with database too.
I'm going to add some useful information for your case.
WordPress Salts
WordPress uses different salts for different purposes, as asked here. These salts are located at wp-config.php. You might want to take a look into that to generate your hashes.
Manual Hash Generation
The PasswordHash class allows you to generate and customize hashed passwords. You can use it to create hashes based on your strings, and then compare them with the original hashes from database, by using its CheckPassword() method.
Location of Password Hashes in Database
Hashed password for a every user is stored under user_pass row, located at wp_users table. You can use it to make hash comparisons, using the $wpdb class. This can be done by a REST API.
When a user tries to log in, you can send a REST request to your WordPress installation, grab the hashes, then compare it and pass it back to your ASP installation if it's correct.
本文标签: databaseHow to verify password outside Wordpress
版权声明:本文标题:database - How to verify password outside Wordpress? 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1745418523a2657798.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论