wphooks.info - auth_cookie_bad_hash

auth_cookie_bad_hash

(trunk - 5.0-alpha-43293)

The hook occurs in the following file:

wp-includes/pluggable.php:
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
		$hash = hash_hmac( $algo, $username . '|' . $expiration . '|' . $token, $key );

		if ( ! hash_equals( $hash, $hmac ) ) {
			/**
			 * Fires if a bad authentication cookie hash is encountered.
			 *
			 * @since 2.7.0
			 *
			 * @param array $cookie_elements An array of data for the authentication cookie.
			 */
			do_action( 'auth_cookie_bad_hash', $cookie_elements );
			return false;
		}

		$manager = WP_Session_Tokens::get_instance( $user->ID );
		if ( ! $manager->verify( $token ) ) {
			do_action( 'auth_cookie_bad_session_token', $cookie_elements );
			return false;
		}