Introduce a `$token` argument to `wp_set_auth_cookie()` so session tokens can be reused by custom authentication implementations.
Props rmccue Fixes 30247 Built from https://develop.svn.wordpress.org/trunk@32465 git-svn-id: http://core.svn.wordpress.org/trunk@32435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
2c42a665a2
commit
bb02256966
|
@ -822,13 +822,15 @@ if ( !function_exists('wp_set_auth_cookie') ) :
|
|||
* set, the cookies will be kept for 14 days or two weeks.
|
||||
*
|
||||
* @since 2.5.0
|
||||
* @since 4.3.0 Added the `$token` parameter.
|
||||
*
|
||||
* @param int $user_id User ID
|
||||
* @param bool $remember Whether to remember the user
|
||||
* @param mixed $secure Whether the admin cookies should only be sent over HTTPS.
|
||||
* Default is_ssl().
|
||||
* @param string $token Optional. User's session token to use for this cookie.
|
||||
*/
|
||||
function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
|
||||
function wp_set_auth_cookie( $user_id, $remember = false, $secure = '', $token = '' ) {
|
||||
if ( $remember ) {
|
||||
/**
|
||||
* Filter the duration of the authentication cookie expiration period.
|
||||
|
@ -888,8 +890,10 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
|
|||
$scheme = 'auth';
|
||||
}
|
||||
|
||||
if ( '' === $token ) {
|
||||
$manager = WP_Session_Tokens::get_instance( $user_id );
|
||||
$token = $manager->create( $expiration );
|
||||
}
|
||||
|
||||
$auth_cookie = wp_generate_auth_cookie( $user_id, $expiration, $scheme, $token );
|
||||
$logged_in_cookie = wp_generate_auth_cookie( $user_id, $expiration, 'logged_in', $token );
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '4.3-alpha-32464';
|
||||
$wp_version = '4.3-alpha-32465';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
|
Loading…
Reference in New Issue