[wp-trac] [WordPress Trac] #34180: Generate and Retrieve Password Reset Key Without Sorcery
WordPress Trac
noreply at wordpress.org
Wed Oct 7 01:30:40 UTC 2015
#34180: Generate and Retrieve Password Reset Key Without Sorcery
------------------------------------+-----------------------------
Reporter: DH-Shredder | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version:
Severity: normal | Keywords: has-patch
Focuses: |
------------------------------------+-----------------------------
Internally, we have the need to create a WordPress Reset Password link via
WP-CLI.
This is something that's currently quite difficult, since the keys are
created within `retrieve_password()` in `wp-login.php`, making the only
apparent way to get one to fake a POST request to `wp-login.php` with
appropriate username, then filter `key` in `retrieve_password_message`,
while also returning `false` to fake a send email failure, and keeping the
`wp_die()` that follows from affecting anything.
Obviously, this is not ideal. After chatting with @markjaquith about this,
he suggested a ticket and patch to refactor a bit of `retrieve_password()`
to make it simpler.
Attached is a first pass, `get_password_reset_key()`, which takes a
`WP_User`, for compatibility with existing filters, and lets the existing
associated actions and filters continue to block creation, for backcompat.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34180>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list