Opened 9 years ago
Closed 9 years ago
#34180 closed enhancement (fixed)
Generate and Retrieve Password Reset Key Without Sorcery
Reported by: | kirasong | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 4.4 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Login and Registration | Keywords: | has-patch commit |
Focuses: | Cc: |
Description
Internally, we have the need to create a WordPress Reset Password link via WP-CLI.
This is something that's currently quite difficult, since the keys are created within retrieve_password()
in wp-login.php
, making the only apparent way to get one to fake a POST request to wp-login.php
with appropriate username, then filter key
in retrieve_password_message
, while also returning false
to fake a send email failure, and keeping the wp_die()
that follows from affecting anything.
Obviously, this is not ideal. After chatting with @markjaquith about this, he suggested a ticket and patch to refactor a bit of retrieve_password()
to make it simpler.
Attached is a first pass, get_password_reset_key()
, which takes a WP_User
, for compatibility with existing filters, and lets the existing associated actions and filters continue to block creation, for backcompat.
Attachments (2)
Change History (11)
This ticket was mentioned in Slack in #core by mike. View the logs.
9 years ago
#3
@
9 years ago
+∞
We've explored using this internally as well. Eventually I just ended up writing my own subcommand class and copied a bunch of the code over. And eventually, we just abandoned it and haven't really touched it for a year-ish.
Screenshot of the function: https://cloudup.com/ih46qxH0pG8
As you can see, its pretty much copy/pasta, and not really ideal, not fun to maintain in case of changes, etc.
#7
@
9 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
34180.patch WP_Error is not a function.
First Pass