I’m trying to implement a connection to Wordpress so that Auth0 will eventually be able to authorise users to access Zoho as well.
I want to keep the user/pass on my WP db. For now this is the LOGIN script I’m using but it’s producing a 401 - Unauthorized response.
Is there anything wrong with this script that jumps out?
function login(email, password, callback) {
const mysql = require('mysql');
const bcrypt = require('bcrypt');
const connection = mysql.createConnection({
host: 'xxxxxxx.xxx',
user: 'yyyyyyyyyyyy',
password: 'zzzzzzzzzzz',
database: 'dbdbdbdbdbdbd'
});
connection.connect();
const query = 'SELECT ID, user_login, user_email, user_pass FROM wp_users WHERE user_email = ?';
connection.query(query, [ email ], function(err, results) {
if (err) return callback(err);
if (results.length === 0) return callback(new WrongUsernameOrPasswordError(email));
const user = results[0];
bcrypt.compare(password, user.user_pass, function(err, isValid) {
if (err || !isValid) return callback(err || new WrongUsernameOrPasswordError(email));
callback(null, {
user_id: user.ID.toString(),
nickname: user.user_login.toString(),
email: user.user_email
});
});
});
}