wp_is_password_reset_allowed_for_user( int|WP_User $user ): bool|WP_Error

Checks if password reset is allowed for a specific user.

Contents

Parameters

$user int|WP_User Required
The user to check.

Top ↑

Return

bool|WP_Error True if allowed, false or WP_Error otherwise.

Top ↑

Source

File: wp-includes/user.php. View all references 

function wp_is_password_reset_allowed_for_user( $user ) {
	if ( ! is_object( $user ) ) {
		$user = get_userdata( $user );
	}

	if ( ! $user || ! $user->exists() ) {
		return false;
	}
	$allow = true;
	if ( is_multisite() && is_user_spammy( $user ) ) {
		$allow = false;
	}

	/**
	 * Filters whether to allow a password to be reset.
	 *
	 * @since 2.7.0
	 *
	 * @param bool $allow   Whether to allow the password to be reset. Default true.
	 * @param int  $user_id The ID of the user attempting to reset a password.
	 */
	return apply_filters( 'allow_password_reset', $allow, $user->ID );
}

View on Trac View on GitHub

Top ↑

Hooks

Top ↑

Top ↑

Changelog

Changelog
Version Description
6.3.0 Introduced.

Top ↑

User Contributed Notes

  1. Skip to note 1 content
    You must log in to vote on the helpfulness of this noteVote results for this note: 0You must log in to vote on the helpfulness of this note
    Contributed by LumberHack

    You can prevent specific user roles from reseting passwords using this filter like below

    add_filter( 'allow_password_reset', 'wpdocs_disallow_password_reset' );

function wpdocs_disallow_password_reset( $allow, $user->ID ) {
	$user = get_userdata( $user->ID );
	
	if ( in_array( 'author', (array) $user->roles ) ) {
		return false;
	} 

	return $allow;
}

You must log in before being able to contribute a note or feedback.