auth_redirect()

Checks if a user is logged in, if not it redirects them to the login page.

Source

File: wp-includes/pluggable.php 

function auth_redirect() {
	// Checks if a user is logged in, if not redirects them to the login page

	$secure = ( is_ssl() || force_ssl_admin() );

	/**
	 * Filters whether to use a secure authentication redirect.
	 *
	 * @since WP-3.1.0
	 *
	 * @param bool $secure Whether to use a secure authentication redirect. Default false.
	 */
	$secure = apply_filters( 'secure_auth_redirect', $secure );

	// If https is required and request is http, redirect
	if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
		if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
			wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
			exit();
		} else {
			wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
			exit();
		}
	}

	/**
	 * Filters the authentication redirect scheme.
	 *
	 * @since WP-2.9.0
	 *
	 * @param string $scheme Authentication redirect scheme. Default empty.
	 */
	$scheme = apply_filters( 'auth_redirect_scheme', '' );

	if ( $user_id = wp_validate_auth_cookie( '',  $scheme) ) {
		/**
		 * Fires before the authentication redirect.
		 *
		 * @since WP-2.8.0
		 *
		 * @param int $user_id User ID.
		 */
		do_action( 'auth_redirect', $user_id );

		// If the user wants ssl but the session is not ssl, redirect.
		if ( !$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
			if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
				wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
				exit();
			} else {
				wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
				exit();
			}
		}

		return;  // The cookie is good so we're done
	}

	// The cookie is no good so force login
	nocache_headers();

	$redirect = ( strpos( $_SERVER['REQUEST_URI'], '/options.php' ) && wp_get_referer() ) ? wp_get_referer() : set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );

	$login_url = wp_login_url($redirect, true);

	wp_redirect($login_url);
	exit();
}

Expand Source Code View on GitHub

Related

Uses

Uses
Uses Description
wp-includes/general-template.php: wp_login_url()

Retrieves the login URL.
wp-includes/pluggable.php: wp_redirect()

Redirects to another page.
wp-includes/pluggable.php: secure_auth_redirect

Filters whether to use a secure authentication redirect.
wp-includes/pluggable.php: auth_redirect_scheme

Filters the authentication redirect scheme.
wp-includes/pluggable.php: auth_redirect

Fires before the authentication redirect.
wp-includes/pluggable.php: wp_validate_auth_cookie()

Validates authentication cookie.
wp-includes/link-template.php: set_url_scheme()

Sets the scheme for a URL.
wp-includes/user.php: get_user_option()

Retrieve user option that can be either per Site or per Network.
wp-includes/plugin.php: do_action()

Execute functions hooked on a specific action hook.
wp-includes/plugin.php: apply_filters()

Call the functions added to a filter hook.
wp-includes/load.php: is_ssl()

Determines if SSL is used.
wp-includes/functions.php: force_ssl_admin()

Whether to force SSL used for the Administration Screens.
wp-includes/functions.php: wp_get_referer()

Retrieve referer from ‘_wp_http_referer’ or HTTP referer.
wp-includes/functions.php: nocache_headers()

Set the headers to prevent caching for the different browsers.
Show 9 more uses Hide more uses

Changelog

Changelog
Version Description
WP-1.5.0 Introduced.