我有一个插件,我正在使用add_action
挂接到auth_cookie_valid
来更改登录cookie的处理方式。
我想在挂钩内创建一个过滤器,以允许用户稍微控制逻辑。
我在auth_cookie_valid
钩子中放入了这个钩子,其默认值为false
,然后应用了过滤器:
$allowDuplicateSessions = false;
$allowDuplicateSessions = apply_filters('persistent_login_allow_duplicate_sessions', $allowDuplicateSessions);
,在functions.php
中,我要做到这一点:
function handle_persistent_login_allow_duplicate_sessions($allowDuplicateSessions) {
$allowDuplicateSessions = true;
return $allowDuplicateSessions;
}
add_filter('persistent_login_allow_duplicate_sessions', 'handle_persistent_login_allow_duplicate_sessions');
但是,$allowDuplicateSessions
始终返回false。
我想知道functions.php
中的过滤器是否为auth_cookie_valid
挂钩运行得太晚了?我在文档中还没有发现任何东西。
之所以这样想是因为我将我的apply_filters
代码移到了wp_footer
动作钩子上,并返回了true
。所以我开始认为问题出在auth_cookie_valid
上?
下面要求的功能(我删除了许多无关的行,因为它是一个很大的功能:
// update auth cookie with new login time, expiry time & IP address
function persistent_login_update_auth_cookie($cookieElements, $user) {
if( $user ) :
$persistent_login_roles = get_option( 'persistent_login_options_user_access' );
if( $persistent_login_roles ) :
if( array_intersect($user->roles, $persistent_login_roles) ) :
// update the cookie expiration time
$options = get_option('persistent_login_options_premium');
if( $options ) :
$expiration = $options['cookieTime'];
else :
$expiration = strtotime('1 year', 0); // 1 year default
endif;
// update the IP address and login time of the cookie
$sessionToken = $cookieElements['token'];
if ( function_exists( 'hash' ) ) :
$verifier = hash('sha256', $sessionToken);
else :
$verifier = sha1( $sessionToken);
endif;
$sessions = get_user_meta($user->ID, 'session_tokens', true);
$sessions[$verifier]['login'] = time();
$sessions[$verifier]['expiration'] = time()+$expiration;
$sessions[$verifier]['ip'] = $_SERVER["REMOTE_ADDR"];
// update the token with new data
$wp_session_token = WP_Session_Tokens::get_instance($user->ID);
$wp_session_token->update( $sessionToken, $sessions[$verifier]);
// apply filter for allowing duplicate sessions
$allowDuplicateSessions = false;
$allowDuplicateSessions = apply_filters('persistent_login_allow_duplicate_sessions', $allowDuplicateSessions);
// remove any exact matches to this session
foreach ($sessions as $key => $session) :
if( $key !== $verifier ) :
if( is_bool($allowDuplicateSessions) ) :
if( $allowDuplicateSessions === false ) :
// if we're on the same user agent and same IP, we're probably on the same device
// delete the duplicate session
if(
($session['ip'] === $sessions[$verifier]['ip']) &&
($session['ua'] === $sessions[$verifier]['ua'])
) :
$updateSession = new Persistent_Login_Manage_Sessions($user->ID);
$updateSession->persistent_login_update_session($key);
endif;
endif;
else :
return new WP_Error( 'broke', __( "Error, expected boolean value in persistent_login_allow_duplicate_sessions filter." ) );
endif; // end boolean check
endif; // if key is different to identifier
endforeach;
// set users local cookie again - checks if they should be remembered
$rememberUserCheck = get_user_meta($user->ID, 'persistent_login_remember_me', true);
if( $rememberUserCheck === 'true' ) :
// if the user should be remembered, reset the cookie so the cookie time is reset
wp_set_auth_cookie($user->ID, true, is_ssl(), $sessionToken);
else :
// if the users doen't want to be remembered, don't re-set the cookie
endif;
endif; // end if roles match the user roles
endif; // endif persistent login roles
endif; // endif user
}
add_action('auth_cookie_valid', 'persistent_login_update_auth_cookie', 10, 2);