wp_authenticate_cookie()
Authenticates the user using the WordPress auth cookie.
No Hooks.
Return
WP_User|WP_Error. WP_User on success, WP_Error on failure.
Usage
wp_authenticate_cookie( $user, $username, $password );
- $user(WP_User|WP_Error|null) (required)
- WP_User or WP_Error object from a previous callback.
Default: null - $username(string) (required)
- Username. If not empty, cancels the cookie authentication.
- $password(string) (required)
- Password. If not empty, cancels the cookie authentication.
Notes
- Global. String. $auth_secure_cookie
Changelog
| Since 2.8.0 | Introduced. |
wp_authenticate_cookie() wp authenticate cookie code WP 6.3
function wp_authenticate_cookie( $user, $username, $password ) {
if ( $user instanceof WP_User ) {
return $user;
}
if ( empty( $username ) && empty( $password ) ) {
$user_id = wp_validate_auth_cookie();
if ( $user_id ) {
return new WP_User( $user_id );
}
global $auth_secure_cookie;
if ( $auth_secure_cookie ) {
$auth_cookie = SECURE_AUTH_COOKIE;
} else {
$auth_cookie = AUTH_COOKIE;
}
if ( ! empty( $_COOKIE[ $auth_cookie ] ) ) {
return new WP_Error( 'expired_session', __( 'Please log in again.' ) );
}
// If the cookie is not set, be silent.
}
return $user;
}