WordPress at a glance
filter is not described

authenticate filter-hook . WP 2.8.0

Filters whether a set of user login credentials are valid.

A WP_User object is returned if the credentials authenticate a user. WP_Error or null otherwise.

Usage

add_filter( 'authenticate', 'filter_function_name_5507', 10, 3 );
function filter_function_name_5507( $user, $username, $password ){
	// filter...

	return $user;
}
$user(null/WP_User/WP_Error)
WP_User if the user is authenticated. WP_Error or null otherwise.
$username(string)
Username or email address.
$password(string)
User password

Notes

  • Since 4.5.0 $username now accepts an email address.

Where the hook is called

wp_authenticate()
wp-includes/pluggable.php 532
$user = apply_filters( 'authenticate', null, $username, $password );

Where the hook is used (in WP core)

wp-includes/default-filters.php 411
add_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
wp-includes/default-filters.php 412
add_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 );
wp-includes/default-filters.php 413
add_filter( 'authenticate', 'wp_authenticate_spam_check', 99 );
wp-includes/user.php 88
add_filter('authenticate', 'wp_authenticate_cookie', 30, 3);