Removing wordpress cookie from non-wordpress site

I am using wordpress for a blog on my site. So I installed wordpress in a subdirectory (eg: www.example.com/blog).

I handle all of the sign in/sign out through my main site.

For signing in I set a cookie which is read upon entering the wordpress site.

However, when it comes time to sign out, I want to also remove the cookie that WordPress sets (it starts with "wordpress_logged_in"), so that the user will also be signed out of the wordpress blog.

For some reason, when I get all the cookies sent with the request (javax.servlet.http.HttpServletRequest), the "wordpress_logged_in" cookie (as well as all other cookies set by wordpress) are not recognized.

Other cookies set by plugins on wordpress are recognized, just the cookies set by wordpress directly aren't recognized.

How can I also remove the wordpress cookie (I wanted to loop through all cookies and remove the one starting with "wordpress_logged_in...").

(I'm running in a local environment on 2 different ports, but I don't think that's the issue since the request is returning other cookies set by plugins).

Or, is there a better way to do what I'm trying to do?

Thanks.

Topic cookies single-sign-on directory login Wordpress

Category Web

1
answered at

Your non-wordpress application cannot see the WP cookie because the WP session cookie is only set for the path that WP is installed in (/blog in your example).

You can configure WP to create the session cookie for the root path '/' so your non-wordpress application can manage it by modifying your wp-config.php, add - 

define( 'COOKIEPATH','/');
define( 'SITECOOKIEPATH','/');

https://codex.wordpress.org/Editing_wp-config.php

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.