authenticate WordPress Filter Hook

The authenticate WordPress hook is used to authenticate a user. It is called whenever a user tries to log in to WordPress. This hook can be used to authenticate a user using their username and password, or by using a third-party service such as Google or Facebook.

apply_filters( 'authenticate', null|WP_User|WP_Error $user, string $username, string $password ) #

Filters whether a set of user login credentials are valid.

Contents

Description

A WP_User object is returned if the credentials authenticate a user. WP_Error or null otherwise.

Top ↑

Parameters

$user

(null|WP_User|WP_Error)WP_User if the user is authenticated. WP_Error or null otherwise.

$username

(string)Username or email address.

$password

(string)User password

Top ↑

More Information

The authenticate filter hook is used to perform additional validation/authentication any time a user logs in to WordPress.

The wp_authenticate_user filter can also be used if you want to perform any additional validation after WordPress’s basic validation, but before a user is logged in.

The default authenticate filters in /wp-includes/default-filters.php

add_filter( 'authenticate', 'wp_authenticate_username_password',  20, 3 );
add_filter( 'authenticate', 'wp_authenticate_email_password',     20, 3 );
add_filter( 'authenticate', 'wp_authenticate_spam_check',         99    );

Top ↑

Source

File: wp-includes/pluggable.php

View on Trac

Top ↑

Top ↑

Changelog

Changelog
VersionDescription
4.5.0$username now accepts an email address.
2.8.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.

Show More