Adding custom login authentication

Hi guys,

I have added custom fields on registration to allow the user to input their own password and have also created code to generate a verification code which then gets emailed over to the user. Of course, the users needs to click the link in the email before they can log in.

Here’s where I am stuck. I am trying to add my own authentication to check the status of the verification when the user tried to log in.

Here’s my code which isn’t working;

function check_validation_status($username) {
	$user = get_user_by('login', $username);
	$userID = $user->ID;

	$status = get_user_meta($userID, 'verified', true);

	if($status == '0') {
		return;
	}
}

add_action('wp_authenticate', 'check_validation_status');

Unfortunately this code doesn’t seem to do anything. I have also tried the following (hooking into a different action)

function check_validation_status($username) {
	$user = get_user_by('login', $username);
	$userID = $user->ID;

	$status = get_user_meta($userID, 'verified', true);

	if($status == '0') {
		wp_logout(); // works but doesn't show an error :(
	}
}

add_action('wp_login', 'check_validation_status');

This code is successfulling logging the user straight out if they are not verified however it shows no form of error to the user, they just get redirected straight back to the login page.

Any help will be greatly appreciated.

Thanks.

EDIT: Sorry, I meant to post this in the hacks sub-forum, can a mod move it please?