Generates authentication cookie contents.
(int) (Required) User ID.
(int) (Required) The time the cookie expires as a UNIX timestamp.
(string) (Optional) The cookie scheme to use: 'auth', 'secure_auth', or 'logged_in'.
Default value: 'auth'
(string) (Optional) User's session token to use for this cookie.
Default value: ''
(string) Authentication cookie contents. Empty string if user does not exist.
File: wp-includes/pluggable.php
function wp_generate_auth_cookie( $user_id, $expiration, $scheme = 'auth', $token = '' ) { $user = get_userdata( $user_id ); if ( ! $user ) { return ''; } if ( ! $token ) { $manager = WP_Session_Tokens::get_instance( $user_id ); $token = $manager->create( $expiration ); } $pass_frag = substr( $user->user_pass, 8, 4 ); $key = wp_hash( $user->user_login . '|' . $pass_frag . '|' . $expiration . '|' . $token, $scheme ); // If ext/hash is not present, compat.php's hash_hmac() does not support sha256. $algo = function_exists( 'hash' ) ? 'sha256' : 'sha1'; $hash = hash_hmac( $algo, $user->user_login . '|' . $expiration . '|' . $token, $key ); $cookie = $user->user_login . '|' . $expiration . '|' . $token . '|' . $hash; /** * Filters the authentication cookie. * * @since 2.5.0 * @since 4.0.0 The `$token` parameter was added. * * @param string $cookie Authentication cookie. * @param int $user_id User ID. * @param int $expiration The time the cookie expires as a UNIX timestamp. * @param string $scheme Cookie scheme used. Accepts 'auth', 'secure_auth', or 'logged_in'. * @param string $token User's session token used. */ return apply_filters( 'auth_cookie', $cookie, $user_id, $expiration, $scheme, $token ); }
| Version | Description |
|---|---|
| 4.0.0 | The $token parameter was added. |
| 2.5.0 | Introduced. |
© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/wp_generate_auth_cookie