So essentially part of my company's web site is run off of Drupal 7 plus the commerce plugin. I am wondering if there is a safe way to utilize the users already existing in this system in other parts of the website that are not using Drupal. This is to avoid having two separate user accounts for one single user due to lack of communication between the programs. Is there a safe way to authehnticate users in my application based on information from the Drupal database or a standard way of going about this? The Drupal backing database is a large, strange, complicated behemoth, and I would prefer not to anger it.
The only thing I need to do is determine whether a user's credentials are valid if they login via my authentication form. If I can do this by using the Drupal login system (perhaps by passing a url to forward to afterwards) that would be excellent. Or is there a script that already manages this?
I would also like to be able to determine whether a user has already logged in and is still remember based on the cookie that I am sure the Drupal software sets.
References, applicable scripts I can use in the Drupal core, etc would be much appreciated. I am a person who knows nothing about Drupal, but have good PHP/knowledge as I have been doing web development professionally for several years.
Yep it is easy, you can do it one of two ways.
Option 1, use the Services module and you can use REST to login/authenticate users.
Option 2, you can write custom code. You would either include the Drupal Boostrap or individual files you need from the user module. Then simply use the user_authenticate() function to check username and password.
you can also user xml with the services module , see details here http://drupal.org/node/1105470
With PHP using Drupal bootstrap
this file should be inside drupal installation
It is hell easy
//set the working directory to your Drupal root
define("DRUPAL_ROOT", "/var/www/drupal/");
//require the bootstrap include
require_once 'includes/bootstrap.inc';
//Load Drupal
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
//(loads everything, but doesn't render anything)
$name = 'admin';
$password = 'admin';
//use drupal user_authenticate function
if(!user_authenticate($name, $password)){
echo 'invalid';
}else{
echo 'valid';
}