wp_generate_auth_cookie( int $user_id, int $expiration, string $scheme = 'auth', string $token = '' )
Generate authentication cookie contents.
Parameters
- $user_id
-
(Required) User ID
- $expiration
-
(Required) The time the cookie expires as a UNIX timestamp.
- $scheme
-
(Optional) The cookie scheme to use: auth, secure_auth, or logged_in
Default value: 'auth'
- $token
-
(Optional) User's session token to use for this cookie
Default value: ''
Return
(string) Authentication cookie contents. Empty string if user does not exist.
Source
File: wp-includes/pluggable.php
function wp_generate_auth_cookie( $user_id, $expiration, $scheme = 'auth', $token = '' ) {
$user = get_userdata($user_id);
if ( ! $user ) {
return '';
}
if ( ! $token ) {
$manager = WP_Session_Tokens::get_instance( $user_id );
$token = $manager->create( $expiration );
}
$pass_frag = substr($user->user_pass, 8, 4);
$key = wp_hash( $user->user_login . '|' . $pass_frag . '|' . $expiration . '|' . $token, $scheme );
// If ext/hash is not present, compat.php's hash_hmac() does not support sha256.
$algo = function_exists( 'hash' ) ? 'sha256' : 'sha1';
$hash = hash_hmac( $algo, $user->user_login . '|' . $expiration . '|' . $token, $key );
$cookie = $user->user_login . '|' . $expiration . '|' . $token . '|' . $hash;
/**
* Filters the authentication cookie.
*
* @since WP-2.5.0
* @since WP-4.0.0 The `$token` parameter was added.
*
* @param string $cookie Authentication cookie.
* @param int $user_id User ID.
* @param int $expiration The time the cookie expires as a UNIX timestamp.
* @param string $scheme Cookie scheme used. Accepts 'auth', 'secure_auth', or 'logged_in'.
* @param string $token User's session token used.
*/
return apply_filters( 'auth_cookie', $cookie, $user_id, $expiration, $scheme, $token );
}
Changelog
Version | Description |
---|---|
WP-4.0.0 | The $token parameter was added. |
WP-2.5.0 | Introduced. |