wp_authenticate_cookie( WP_User|WP_Error|null $user, string $username, string $password )

Authenticate the user using the WordPress auth cookie.

Description Description

Parameters Parameters


(WP_User|WP_Error|null) (Required) WP_User or WP_Error object from a previous callback. Default null.


(string) (Required) Username. If not empty, cancels the cookie authentication.


(string) (Required) Password. If not empty, cancels the cookie authentication.

Top ↑

Return Return

(WP_User|WP_Error) WP_User on success, WP_Error on failure.

Top ↑

Source Source

File: wp-includes/user.php

function wp_authenticate_cookie($user, $username, $password) {
	if ( $user instanceof WP_User ) {
		return $user;

	if ( empty($username) && empty($password) ) {
		$user_id = wp_validate_auth_cookie();
		if ( $user_id )
			return new WP_User($user_id);

		global $auth_secure_cookie;

		if ( $auth_secure_cookie )
			$auth_cookie = SECURE_AUTH_COOKIE;
			$auth_cookie = AUTH_COOKIE;

		if ( !empty($_COOKIE[$auth_cookie]) )
			return new WP_Error('expired_session', __('Please log in again.'));

		// If the cookie is not set, be silent.

	return $user;

Top ↑

Changelog Changelog

Version Description
2.8.0 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.