Support » Plugins » authenticate filter in WP 2.8

Viewing 6 replies - 1 through 6 (of 6 total)
  • No input? None?

    if ldap auth fails, then return a WP_Error instead of just null. The built-in ‘authenticate’ implementations will not try to authenticate the user against the wordpress user database, though there is nothing stopping some other plugin from doing something.

    err.. scratch that, I don’t think they will bail if a WP_Error is returned. hmph.

    I’m not sure that it would make sense to have the default implementations bail out if they are passed a WP_Error. Sometimes you might want authentication to fail over to a secondary method, sometimes not. Perhaps the best thing to do in your case is to actually remove the default password implementation from the authenticate hook:

    remove_action(‘authenticate’, ‘wp_authenticate_username_password’, 20);

    You’d want to do that in addition to returning a WP_Error.


    I’m trying to prevent registered users who have not activated their account. I’ve already implemented creating a user with a md5 unique id in the usermeta table (attached to their user id). I’m basically trying to check for that “activation_key’ value in the usermeta table on login, if a value exists, I want to prevent the login from occurring.

    The authenticate filter seems to be exactly what I need but after modifying it and placing it into my functions.php file, it doesn’t seem to work! Login occurs per usual.

    Would I need to edit the pluggable.php file, and then apply filter in my functions.php file?


    I realize it’s been 8 months since you posted, but I was revisiting this issue and stumbled upon my old post and your response.

    I think removing the filter is a perfect solution.


Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘authenticate filter in WP 2.8’ is closed to new replies.