I'm developing a plugin to facilitate single sign-on between wordpress and my web app. I'm using cookie based authentication, wherein I set encrypted cookies in my web app. The wordpress plugin may decrypt the cookies to detect the username and do login automatically. If the cookies are not present, the user will be redirected to web app login form.
I use authenticate filter hook for sso. It works fine. I've an exception to handle here. I should allow manual login for few users, like administrators. I may pass "manuallogin=true" parameter to wp-login.php script. But then, it authenticates the user using the cookie, or redirect the user to my web app if cookies are not present, and does login automatically.
Can you please give me an hint on how to permit "manuallogin" for few users? I should skip the sso part, if the "manuallogin" parameter is passed to wp-login.php script. I tried adding login_form action hook and draw login form if the parameter exists, but it doesn't seem to work, or i'm not doing it the right way.
Any help would be appreciated. Thank you.