云策 WordPress 开发者社区

钩子文档

auth_cookie_bad_session_token

查看官方原文 ↗
💡 云策文档标注

概述

auth_cookie_bad_session_token 是一个 WordPress 钩子,当遇到无效的会话令牌时触发。它主要用于处理身份验证 cookie 验证失败的情况。

关键要点

  • 钩子名称:auth_cookie_bad_session_token
  • 触发条件:当 WordPress 检测到无效的会话令牌时触发
  • 参数:$cookie_elements(数组),包含身份验证 cookie 的组件,如用户名、过期时间、令牌等,这些组件不应假设为有效,因为它们直接来自客户端提供的 cookie 值
  • 相关函数:wp_validate_auth_cookie() 用于验证身份验证 cookie
  • 引入版本:WordPress 4.0.0
📄 原文内容

Fires if a bad session token is encountered.

Parameters

$cookie_elementsstring[]
Authentication cookie components. None of the components should be assumed to be valid as they come directly from a client-provided cookie value.

  • username string
    User’s username.
  • expiration string
    The time the cookie expires as a UNIX timestamp.
  • token string
    User’s session token used.
  • hmac string
    The security hash for the cookie.
  • scheme string
    The cookie scheme to use.

Source

do_action( 'auth_cookie_bad_session_token', $cookie_elements );

View all references View on Trac View on GitHub

Used by Description
wp_validate_auth_cookie()wp-includes/pluggable.php

Validates authentication cookie.

Changelog

Version Description
4.0.0 Introduced.