WP_REST_Server::check_authentication() WordPress Method
The WP_REST_Server::check_authentication() method is used to check if the current user is authenticated and has the required permissions to perform the requested action. If the user is not authenticated, a WP_Error object will be returned.
WP_REST_Server::check_authentication() #
Checks the authentication headers if supplied.
Return
(WP_Error|null) WP_Error indicates unsuccessful login, null indicates successful or no authentication provided
Source
File: wp-includes/rest-api/class-wp-rest-server.php
public function check_authentication() {
/**
* Filters REST API authentication errors.
*
* This is used to pass a WP_Error from an authentication method back to
* the API.
*
* Authentication methods should check first if they're being used, as
* multiple authentication methods can be enabled on a site (cookies,
* HTTP basic auth, OAuth). If the authentication method hooked in is
* not actually being attempted, null should be returned to indicate
* another authentication method should check instead. Similarly,
* callbacks should ensure the value is `null` before checking for
* errors.
*
* A WP_Error instance can be returned if an error occurs, and this should
* match the format used by API methods internally (that is, the `status`
* data should be used). A callback can return `true` to indicate that
* the authentication method was used, and it succeeded.
*
* @since 4.4.0
*
* @param WP_Error|null|true $errors WP_Error if authentication error, null if authentication
* method wasn't used, true if authentication succeeded.
*/
return apply_filters( 'rest_authentication_errors', null );
}
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
| Version | Description |
|---|---|
| 4.4.0 | Introduced. |