Make WordPress Core


Ignore:
Timestamp:
04/13/2024 04:31:55 PM (3 months ago)
Author:
SergeyBiryukov
Message:

Users: Account for returning false from the authenticate filter.

While technically only null, WP_User, or WP_Error should be returned from the authenticate filter, a plugin might return boolean false instead, which would trigger the authentication_failed error prior to [57882].

This commit aims to preserve that behavior in case false is returned.

Follow-up to [57882].

Props johnbillion.
See #60700.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/tests/phpunit/tests/auth.php

    r57987 r57990  
    435435
    436436    /**
     437     * @ticket 60700
     438     */
     439    public function test_authenticate_filter() {
     440        add_filter( 'authenticate', '__return_null', 20 );
     441        $this->assertInstanceOf( 'WP_Error', wp_authenticate( self::USER_LOGIN, self::USER_PASS ) );
     442        add_filter( 'authenticate', '__return_false', 20 );
     443        $this->assertInstanceOf( 'WP_Error', wp_authenticate( self::USER_LOGIN, self::USER_PASS ) );
     444    }
     445
     446    /**
    437447     * @ticket 36476
    438448     */
Note: See TracChangeset for help on using the changeset viewer.