validate wordpress user login from database using python

Question

I'm building a websocket based chat room in tornado where the main site runs wordpress. I want to allow the wordpress users to login to the chat with the same username and password. Hence, I would like to query the wordpress database using python and validate the provided username and password.

What I would like to know is what wordpress uses to hash the password?

(I'm aware of XMLRPC APIs which I would like to avoid)

Answer 1

Wordpress uses php crypt function and can be decrypted in Python using passlib. Here is the code:

from passlib.hash import phpass
phpass.verify("password", "wordpress hash")

I've used it on Wordpress 2.8 and PHP 5.3.6 and it worked well.