How to authenticate a wordpress user in external script


Staff member
I'm attempting to check a user's authentication in an external api file. I'm including the wp-load.php file and i'm receiving the following error:

<br />
<b>Fatal error</b>: Call to a member function add_query_var() on a non-object in <b>/home/USERNAME/public_html/DOMAIN/wp-includes/rewrite.php</b> on line <b>1834</b><br />

Here's my code:

function authentication ($user, $pass){

//Include wordpress files

if(empty($user) || empty($pass)){

    return false;

} else {
$auth = mysql_query("SELECT ID, user_login, user_pass FROM PREFIX_users WHERE user_login = '".$user."'");
$row = mysql_fetch_array($auth);
$uid = $row['ID'];

$status = false;

$auth = wp_authenticate($uid, $pass );

if( is_wp_error( $auth ) ) {        
    $status = false;
} else {
    $status = true;
return $status; 


I removed the username, domain and prefix from this.