WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

wp_authenticate_cookie()

wp_authenticate_cookie( WP_User|WP_Error|null $user, string $username, string $password ): WP_User|WP_Error

In this article

Back to top

Authenticates the user using the WordPress auth cookie.

Parameters

$userWP_User|WP_Error|nullrequired
WP_User or WP_Error object from a previous callback. Default null.
$usernamestringrequired
Username. If not empty, cancels the cookie authentication.
$passwordstringrequired
Password. If not empty, cancels the cookie authentication.

Return

WP_User|WP_Error WP_User on success, WP_Error on failure.

Source

function wp_authenticate_cookie( $user, $username, $password ) {
	if ( $user instanceof WP_User ) {
		return $user;
	}

	if ( empty( $username ) && empty( $password ) ) {
		$user_id = wp_validate_auth_cookie();
		if ( $user_id ) {
			return new WP_User( $user_id );
		}

		global $auth_secure_cookie;

		if ( $auth_secure_cookie ) {
			$auth_cookie = SECURE_AUTH_COOKIE;
		} else {
			$auth_cookie = AUTH_COOKIE;
		}

		if ( ! empty( $_COOKIE[ $auth_cookie ] ) ) {
			return new WP_Error( 'expired_session', __( 'Please log in again.' ) );
		}

		// If the cookie is not set, be silent.
	}

	return $user;
}

View all references View on Trac View on GitHub

UsesDescription
WP_User::__construct()wp-includes/class-wp-user.php

Constructor.

wp_validate_auth_cookie()wp-includes/pluggable.php

Validates authentication cookie.

__()wp-includes/l10n.php

Retrieves the translation of $text.

WP_Error::__construct()wp-includes/class-wp-error.php

Initializes the error.

Show 2 moreShow less

Changelog

VersionDescription
2.8.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.