sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Introduce a $token argument to wp_set_auth_cookie() so session tokens can be reused by custom authentication implementations.

Browse Source 
Props rmccue

Fixes 30247


git-svn-id: https://develop.svn.wordpress.org/trunk@32465 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
John Blackbourn 2015-05-09 00:27:11 +00:00
parent 8303e8f314
commit 1b76bd6246
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/wp-includes/pluggable.php
View File

@ -822,13 +822,15 @@ if ( !function_exists('wp_set_auth_cookie') ) :
* set, the cookies will be kept for 14 days or two weeks.
*
* @since 2.5.0
* @since 4.3.0 Added the `$token` parameter.
*
* @param int $user_id User ID
* @param bool $remember Whether to remember the user
* @param mixed $secure Whether the admin cookies should only be sent over HTTPS.
* Default is_ssl().
* @param string $token Optional. User's session token to use for this cookie.
*/
function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
function wp_set_auth_cookie( $user_id, $remember = false, $secure = '', $token = '' ) {
if ( $remember ) {
/**
* Filter the duration of the authentication cookie expiration period.
@ -888,8 +890,10 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
$scheme = 'auth';
}
$manager = WP_Session_Tokens::get_instance( $user_id );
$token = $manager->create( $expiration );
if ( '' === $token ) {
$manager = WP_Session_Tokens::get_instance( $user_id );
$token = $manager->create( $expiration );
}
$auth_cookie = wp_generate_auth_cookie( $user_id, $expiration, $scheme, $token );
$logged_in_cookie = wp_generate_auth_cookie( $user_id, $expiration, 'logged_in', $token );