Manually log in a user

Question

Hello gents.

I'm working on a drupal site where I allow users to login while at the same time posting a content. I've successfully added email & password fields to the original form, but I'm stuck as to how I should actually log in the user. (My plan is to do it in the validation step, before the content is created, to make the logged in user owner to the content).

I can find three functions in user.module API that somehow looks right:

• http://api.drupal.org/api/function/user_login_authenticate_validate/6
• http://api.drupal.org/api/function/user_authenticate/6
• http://api.drupal.org/api/function/user_authenticate_finalize/6

Now, my question is which one is it? Am I even on the right track?

Answer 1

Once you've checked the username/password and have found that they validate and got the $uid of the user, you would do something like this:

$account = user_load($uid))
global $user;
$user = $account;
user_authenticate_finalize($form_state['values']);

So you overwrite the global $user object and call user_authenticate_finalize.

Update:
Doing the validation and login with one step would look like this:

$account = user_load(array(
  'name' => $form_values['name'],
  'pass' => trim($form_values['pass']),
  'status' => 1)
);
if ($account && !drupal_is_denied('mail', $account->mail) {
  global $user;
  $user = $account;
  user_authenticate_finalize($form_state['values']);
}
else {
  // Raise validation error.
}