Integrate API authentication to WordPress

Question

I have a website where I have to authenticate the users registered in another system (in this case the Kayako support system). I think I have to use the APIs to resolve this problem, but I don't really know how to get started.

Can someone please help me solve this problem? How can I send the data required for the authentication and how do I manage the response I get from Kayako.

Answer 1

Figure out how the API of the Kayako system looks like. In WordPress you can do something similar like this in order to authenticate the users:

// this action is executed just before the invocation of the WordPress authentication process
add_action('wp_authenticate','checkTheUserAuthentication');

function checkTheUserAuthentication() {

     $username=$_POST['log'];
     $password=$_POST['pwd'];

    // try to log into the external service or database with username and password
    $ext_auth = try2AuthenticateExternalService($username,$password);

    // if external authentication was successful
    if($ext_auth) {

         // find a way to get the user id
         $user_id = username_exists($username);
         // userdata will contain all information about the user
         $userdata = get_userdata($user_id);
         $user = set_current_user($user_id,$username);

         // this will actually make the user authenticated as soon as the cookie is in the browser
         wp_set_auth_cookie($user_id);
         // the wp_login action is used by a lot of plugins, just decide if you need it
        do_action('wp_login',$userdata->ID);

        // you can redirect the authenticated user to the "logged-in-page", define('MY_PROFILE_PAGE',1); f.e. first
        header("Location:".get_page_link(MY_PROFILE_PAGE));
    }

}

The try2AuthenticateExternalService() method should contain some curl-request (or similar) to the remote service.