-
-
Save galileoguzman/badedeef4d9f4cd0dccf6c38359b0970 to your computer and use it in GitHub Desktop.
WordPress authentication cookie generation using default keys
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
if ( !function_exists('wp_generate_auth_cookie') ) : | |
/** | |
* Generate authentication cookie contents. | |
* | |
* @since 2.5.0 | |
* | |
* @param int $user_id User ID | |
* @param int $expiration Cookie expiration in seconds | |
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in | |
* @param string $token User's session token to use for this cookie | |
* @return string Authentication cookie contents. Empty string if user does not exist. | |
*/ | |
function wp_generate_auth_cookie( $user_id, $expiration, $scheme = 'auth', $token = '' ) { | |
$user = get_userdata($user_id); | |
if ( ! $user ) { | |
return ''; | |
} | |
if ( ! $token ) { | |
$manager = WP_Session_Tokens::get_instance( $user_id ); | |
$token = $manager->create( $expiration ); | |
} | |
$pass_frag = substr($user->user_pass, 8, 4); | |
$key = wp_hash( $user->user_login . '|' . $pass_frag . '|' . $expiration . '|' . $token, $scheme ); | |
$hash = hash_hmac( 'sha256', $user->user_login . '|' . $expiration . '|' . $token, $key ); | |
$cookie = $user->user_login . '|' . $expiration . '|' . $token . '|' . $hash; | |
/** | |
* Filter the authentication cookie. | |
* | |
* @since 2.5.0 | |
* | |
* @param string $cookie Authentication cookie. | |
* @param int $user_id User ID. | |
* @param int $expiration Authentication cookie expiration in seconds. | |
* @param string $scheme Cookie scheme used. Accepts 'auth', 'secure_auth', or 'logged_in'. | |
* @param string $token User's session token used. | |
*/ | |
return apply_filters( 'auth_cookie', $cookie, $user_id, $expiration, $scheme, $token ); | |
} | |
endif; | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment