wp_generate_auth_cookie( int $user_id, int $expiration, string $scheme = 'auth', string $token = '' ): string

Generates authentication cookie contents.

Parameters
Return
Source
Hooks
Related
- Uses
- Used By
Changelog
User Contributed Notes

Parameters

$user_id int Required: User ID.
$expiration int Required: The time the cookie expires as a UNIX timestamp.
$scheme string Optional: The cookie scheme to use: 'auth', 'secure_auth', or 'logged_in'.
Default 'auth'.

Default: 'auth'
$token string Optional: User's session token to use for this cookie.

Default: ''

Top ↑

Return

string Authentication cookie contents. Empty string if user does not exist.

Top ↑

Source

File: wp-includes/pluggable.php. View all references

function wp_generate_auth_cookie( $user_id, $expiration, $scheme = 'auth', $token = '' ) {
	$user = get_userdata( $user_id );
	if ( ! $user ) {
		return '';
	}

	if ( ! $token ) {
		$manager = WP_Session_Tokens::get_instance( $user_id );
		$token   = $manager->create( $expiration );
	}

	$pass_frag = substr( $user->user_pass, 8, 4 );

	$key = wp_hash( $user->user_login . '|' . $pass_frag . '|' . $expiration . '|' . $token, $scheme );

	// If ext/hash is not present, compat.php's hash_hmac() does not support sha256.
	$algo = function_exists( 'hash' ) ? 'sha256' : 'sha1';
	$hash = hash_hmac( $algo, $user->user_login . '|' . $expiration . '|' . $token, $key );

	$cookie = $user->user_login . '|' . $expiration . '|' . $token . '|' . $hash;

	/**
	 * Filters the authentication cookie.
	 *
	 * @since 2.5.0
	 * @since 4.0.0 The `$token` parameter was added.
	 *
	 * @param string $cookie     Authentication cookie.
	 * @param int    $user_id    User ID.
	 * @param int    $expiration The time the cookie expires as a UNIX timestamp.
	 * @param string $scheme     Cookie scheme used. Accepts 'auth', 'secure_auth', or 'logged_in'.
	 * @param string $token      User's session token used.
	 */
	return apply_filters( 'auth_cookie', $cookie, $user_id, $expiration, $scheme, $token );
}

View on Trac View on GitHub

Top ↑

Hooks

apply_filters( 'auth_cookie', string $cookie, int $user_id, int $expiration, string $scheme, string $token )

Filters the authentication cookie.

Top ↑

Uses

Uses
Uses	Description
WP_Session_Tokens::get_instance() wp-includes/class-wp-session-tokens.php	Retrieves a session manager instance for a user.
wp_hash() wp-includes/pluggable.php	Gets hash of given string.
get_userdata() wp-includes/pluggable.php	Retrieves user info by user ID.
apply_filters() wp-includes/plugin.php	Calls the callback functions that have been added to a filter hook.

Show 2 more uses Hide more uses

Top ↑

Used By

Used By
Used By	Description
wp_set_auth_cookie() wp-includes/pluggable.php	Sets the authentication cookies based on user ID.

Top ↑

Changelog

Changelog
Version	Description
4.0.0	The `$token` parameter was added.
2.5.0	Introduced.

Top ↑

User Contributed Notes

You must log in before being able to contribute a note or feedback.

Developer Resources

wp_generate_auth_cookie( int $user_id, int $expiration, string $scheme = 'auth', string $token = '' ): string

Contents

Parameters

Return

Source

Hooks

Changelog

User Contributed Notes