Sometimes you might want to add additional pages or some extra functionality outside of WordPress. I needed to do this and only allow singed in users to access the page.
There’s a pretty straight forward way to check visitors to the page simply by including the WordPress header file and then checking for an appropriate permission.
Read on for the script.
This Gist checks that a user has access to a specific WordPress multisite blog, and then grants access. If the user is either not signed in or doesn’t have access to the specific site – then the script ends and nothing else happens.
First of all, make sure that you set the path to the WordPress installation directory for this to work. You shouldn’t be hosting any additional content in the same directory as WordPress.
You can easily edit this to use the specific requirements. current_user_can works great for single sites if you want to check for specific WordPress capabilities – but I just want to make sure that subscribers can access the page.
Overall, it’s a nice simple way to authenticate your site users outside of WordPress.