WordPress.org

Make WordPress Core

Changeset 27484


Ignore:
Timestamp:
03/09/2014 03:22:13 PM (7 years ago)
Author:
nacin
Message:

Allow for custom authentication handlers for all requests.

Turn the logic used by wp_get_current_user() into a determine_current_user filter.

props rmccue.
fixes #26706.

Location:
trunk/src/wp-includes
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/default-filters.php

    r27154 r27484  
    301301add_filter( 'authenticate', 'wp_authenticate_username_password',  20, 3 );
    302302add_filter( 'authenticate', 'wp_authenticate_spam_check',         99    );
     303add_filter( 'determine_current_user', 'wp_validate_auth_cookie'          );
     304add_filter( 'determine_current_user', 'wp_validate_logged_in_cookie', 20 );
    303305
    304306unset($filter, $action);
  • trunk/src/wp-includes/pluggable.php

    r27149 r27484  
    9898    }
    9999
    100     if ( ! $user = wp_validate_auth_cookie() ) {
    101          if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[LOGGED_IN_COOKIE] ) || !$user = wp_validate_auth_cookie( $_COOKIE[LOGGED_IN_COOKIE], 'logged_in' ) ) {
    102             wp_set_current_user( 0 );
    103             return false;
    104          }
    105     }
    106 
    107     wp_set_current_user( $user );
     100    /**
     101     * Determine the current user based on request data.
     102     *
     103     * The default filters use this to determine the current user from the
     104     * request's cookies, if available.
     105     *
     106     * @since 3.9.0
     107     *
     108     * @param int|boolean $user_id User ID if determined, or false otherwise.
     109     */
     110    $user_id = apply_filters( 'determine_current_user', false );
     111    if ( ! $user_id ) {
     112        wp_set_current_user( 0 );
     113        return false;
     114    }
     115
     116    wp_set_current_user( $user_id );
    108117}
    109118endif;
  • trunk/src/wp-includes/user.php

    r27354 r27484  
    218218    }
    219219    return $user;
     220}
     221
     222/**
     223 * Validates logged in cookie.
     224 *
     225 * Checks the logged_in cookie if the previous auth cookie could not be
     226 * validated and parsed.
     227 *
     228 * This is a callback for the determine_current_user filter, rather than API.
     229 *
     230 * @since 3.9.0
     231 *
     232 * @param int|boolean $user The user ID (or false) as received from the determine_current_user filter.
     233 * @return int|boolean User ID if validated, or false otherwise. If it receives a user ID from
     234 *                     an earlier filter callback, that value is returned.
     235 */
     236function wp_validate_logged_in_cookie( $user_id ) {
     237    if ( $user_id ) {
     238        return $user_id;
     239    }
     240
     241    if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[LOGGED_IN_COOKIE] ) ) {
     242        return false;
     243    }
     244
     245    return wp_validate_auth_cookie( $_COOKIE[LOGGED_IN_COOKIE], 'logged_in' );
    220246}
    221247
Note: See TracChangeset for help on using the changeset viewer.