Integrate Wordpress user accounts with Mediawiki

I had been trying to integrate my media-wiki users accounts with wordpress and to allow users signed in on wordpress to be automatically signed in to MediaWiki. This process is long and cumbersome and even more difficult if mediawiki is not within the root directory of wordpress.

The first step is to make mediawiki recognize wordpress accounts. For this, you can use the AuthWP plugin for Mediawiki. After following the steps on the plugin page, it should work straight away if your mediawiki isntallation is under the wordpress root directory. This means that you just need to add the following to your LocalSettings.php (in mediawiki):

require_once('extensions/AuthWP.php');
$wgAuth=new AuthWP();

The main problems that you might face however is that this integrates the Wordpress account information with Mediawiki but doesn’t automatically login to Mediawiki if the user is logged in to Wordpress. The problem arises because Wordpress forbids the files outside its root directory to make requests to it to get the user details.

The easy way is to install mediawiki inside the wordpress root. But this is not always possible. The workaround for this is by modifying the AuthWP.php file and installing a plugin on Wordpress to allow the Mediawiki plugin to make requests to it.

Use chdir() to move into WordPress root before including and even calling anything related to WordPress. The are cases where relative directory and file references are used, thus breaking many things. You can return to the previous directory afterwards by storing the get_cwd() first

cwd = get_cwd();
chdir('path/to/wordpress');
include 'wp-blog-header.php';
include 'wp-load.php';
// ... do stuff with WordPress
// write the above before $wpuser=wp_get_current_user in AuthWP.php
echo get_current_user_id();
chdir( $cwd );
// ... continue happily ever after

Additionally, since we are working with session cookies, the paths for these cookies are invalid for the URI we are working from. The browser will not send the WordPress authentication cookies that we have acquired previously since the domain roots are invalid and outside of the WordPress scope. We will need to alter the roots of these cookies from WordPress with something like the root-cookie extension. So install that on Wordpress too.