douweyntema

Ok, I have it working now!

Here is the code I inserted in functions.php of my used theme:

/*
    exlog_hook_filter_authenticate_hash

You can use this hook to check if the password is correct in a custom way. For example, if you use a hashing algorithm not supported by the plugin by default.

This hook provides you with a range of different information:
– $password – the password that was typed in at the login screen
– $hashFromDatabase – the hash stored in the database
– $username – the username that was typed in in the login screen
– $externalUserData – the rest of the data retrieved from the external database for the user that was found

Returning true will authenticate the user and returning false will treat them as unauthorised.

*/
function myExlogHashAuthenticator($password, $hashFromDatabase, $username, $externalUserData) {

    $inputPasswordHash  = hash_hmac($externalUserData['user_algo'], $password, $externalUserData['user_salt']);
    if ($inputPasswordHash == $hashFromDatabase) {
        return TRUE;
            } else {
        return FALSE;
    }
}
add_filter('exlog_hook_filter_authenticate_hash', 'myExlogHashAuthenticator', 10, 4);

This code is for logging in via PHP-Fusion. I tested with V8 and I am pretty sure it should also work for V7. I guess it should work with V9 too, but not sure and not tested with V9.

I also tested to insert the code with plugin My Custom Functions, and there it is working also. I am using it with the custom functions plugin now, to avoid the code beeing lost when updating theme.

Thanks for helping me this pointing out. I am going to place this on php-fusion forum as well.

Sorry, but I did not find any time yet to work on it.

But I will try next week.

Thank you

Thanks I will try.

Now I changed my password on WP, so it is different from password on external system (usernames are equal)
I cannot log onto WP.

Via PHPMyadmin I disabled the external plugin, and now I am able to login to WP.

Same as with the previous situation, where username and password are equal on WP and external system. When plugin is enabled, I cannot logon to WP. I guess this is because the hashing on external system is not supported by the plugin, therefore I have to make the hook.

The migration checkbox is not set on the plugin.

If the migration checkbox is checked, I can logon to WordPress, with different or equal passwords on external system.

For me it is the same if the hashing algorithm is not set up correctly, the password is not validated correctly, resulting in beeing blocked from logging in to WordPress

I had to switch of the plugin via PHPMyadmin in the database, before I was able to login to my wordpress site again.

About the hook,

You’ll want to copy the code example and paste it in the top of your functions.php file.

But I cannot find a file called functions.php in the folder structure of the plugin. Where has this file to be created?

I am sorry, I am not familiar with WordPress.

So, now I figured out the plugin is working, because when I log in, my password on WP is changed. But because the hashing method is different from my external system, after the password change by the plugin I cannot login anymore (need password recovery)

I am not familiar with WP, but I am able to do PHP programming. Can you explain which files I need to change in your plugin to make a custom hashing method?
I read the FAQ, but a dead link leads to nothing else.

Thanks, but my external system uses a separate salt for every password, it is stored in a separate field in the user database. I don’t understand why the salt needs to be placed before or after the password? It is already in a separate field.