[wp-trac] [WordPress Trac] #61874: Unable to access WordPress login session during login
WordPress Trac
noreply at wordpress.org
Thu Aug 15 07:01:54 UTC 2024
#61874: Unable to access WordPress login session during login
--------------------------+------------------------------
Reporter: dd32 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Users | Version:
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by dd32):
Replying to [comment:2 dd32]:
However, that fits nicely with this next edge-case:
Going back to the `logout_redirect` filter, it's also possible to retrieve
the session token at that point in time, although the data will have been
lost (although the token is still known):
{{{#!php
add_filter( 'logout_redirect', function( $redirect,
$requested_redirect_to, $user ) {
var_dump( [
'variant' => 'logout_redirect',
'is_user_logged_in()' => is_user_logged_in(),
'$user->ID' => $user->ID,
'get_current_user_id()' => get_current_user_id(),
'wp_get_session_token()' => wp_get_session_token(),
'session_data' => WP_Session_Tokens::get_instance(
$user->ID )->get( wp_get_session_token() ),
] );
die();
}, 10, 3 );
}}}
which generates:
{{{
wp-content/mu-plugins/example.php:
array (size=6)
'variant' => string 'logout_redirect' (length=15)
'is_user_logged_in()' => boolean false
'$user->ID' => int 1
'get_current_user_id()' => int 0
'wp_get_session_token()' => string
'8XpzO0LxNDfqeHHaHduytWPFVWKYjnfBounb39FfPhK' (length=43)
'session_data' => null
}}}
Again.. the session token is known during logout, but the current user
global is unset and what data was in the session has been lost.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61874#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list