wp_validate_application_password( int|false $input_user )
Validates the application password credentials passed via Basic Authentication.
Parameters
- $input_user
-
(Required) User ID if one has been determined, false otherwise.
Return
(int|false) The authenticated user ID if successful, false otherwise.
Source
File: wp-includes/user.php
function wp_validate_application_password( $input_user ) {
// Don't authenticate twice.
if ( ! empty( $input_user ) ) {
return $input_user;
}
if ( ! wp_is_application_passwords_available() ) {
return $input_user;
}
// Both $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] must be set in order to attempt authentication.
if ( ! isset( $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] ) ) {
return $input_user;
}
$authenticated = wp_authenticate_application_password( null, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] );
if ( $authenticated instanceof WP_User ) {
return $authenticated->ID;
}
// If it wasn't a user what got returned, just pass on what we had received originally.
return $input_user;
}
Changelog
| Version | Description |
|---|---|
| 5.6.0 | Introduced. |