wpseek.com
A WordPress-centric search engine for devs and theme authors



wp_validate_application_password › WordPress Function

Since5.6.0
Deprecatedn/a
wp_validate_application_password ( $input_user )
Parameters:
  • (int|false) $input_user User ID if one has been determined, false otherwise.
    Required: Yes
Returns:
  • (int|false) The authenticated user ID if successful, false otherwise.
Defined at:
Codex:

Validates the application password credentials passed via Basic Authentication.



Related Functions: wp_authenticate_application_password, wp_is_application_passwords_available, wp_is_application_passwords_supported, wp_is_authorize_application_password_request_valid, wp_authenticate_email_password

Source 

function wp_validate_application_password( $input_user ) {
	// Don't authenticate twice.
	if ( ! empty( $input_user ) ) {
		return $input_user;
	}

	if ( ! wp_is_application_passwords_available() ) {
		return $input_user;
	}

	// Both $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] must be set in order to attempt authentication.
	if ( ! isset( $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] ) ) {
		return $input_user;
	}

	$authenticated = wp_authenticate_application_password( null, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] );

	if ( $authenticated instanceof WP_User ) {
		return $authenticated->ID;
	}

	// If it wasn't a user what got returned, just pass on what we had received originally.
	return $input_user;
}