Class: WP_User_Meta_Session_Tokens

Extends WP_Session_Tokens

Meta-based user sessions token manager.

Properties


Properties

Name Type(s) Default Value Summary
user_id integer Inherited ⋅ User ID.

Methods

WP_User_Meta_Session_Tokens:: __construct( integer $user_id )

Protected constructor. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$user_id integer

User whose session to manage.


WP_User_Meta_Session_Tokens:: create( integer $expiration )

Generate a session token and attach session information to it. Since 4.0.0.

A session token is a long, random string. It is used in a cookie link that cookie to an expiration time and to ensure the cookie becomes invalidated upon logout.

This function generates a token and stores it with the associated expiration time (and potentially other session information via the \'attach_session_information' filter).

Arguments

Name Type(s) Default Value Description
$expiration integer

Session expiration timestamp.

Returns

string

Session token.


WP_User_Meta_Session_Tokens:: destroy( string $token )

Destroy a session token. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$token string

Session token to destroy.


WP_User_Meta_Session_Tokens:: destroy_all( )

Destroy all session tokens for a user. Since 4.0.0.


WP_User_Meta_Session_Tokens:: destroy_all_for_all_users( )

Destroy all session tokens for all users. Since 4.0.0.


WP_User_Meta_Session_Tokens:: destroy_all_sessions( )

This method should destroy all sessions for a user. Since 4.0.0.


WP_User_Meta_Session_Tokens:: destroy_other_sessions( string $verifier )

This method should destroy all session tokens for this user, except a single session passed. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$verifier string

Verifier of the session to keep.


WP_User_Meta_Session_Tokens:: destroy_others( string $token_to_keep )

Destroy all session tokens for this user, except a single token, presumably the one in use. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$token_to_keep string

Session token to keep.


WP_User_Meta_Session_Tokens:: drop_sessions( )

This static method should destroy all session tokens for all users. Since 4.0.0.


WP_User_Meta_Session_Tokens:: get( string $token )

Get a user's session. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$token string

Session token

Returns

array

User session


WP_User_Meta_Session_Tokens:: get_all( )

Retrieve all sessions of a user. Since 4.0.0.

Returns

array

Sessions of a user.


WP_User_Meta_Session_Tokens:: get_instance( integer $user_id )

Retrieves a session token manager instance for a user. Since 4.0.0.

This method contains a \'session_token_manager' filter, allowing a plugin to swap out the session manager for a subclass of WP_Session_Tokens.

Arguments

Name Type(s) Default Value Description
$user_id integer

User whose session to manage.

Returns

WP_User_Meta_Session_Tokens

WP_User_Meta_Session_Tokens class instance by default.


WP_User_Meta_Session_Tokens:: get_session( string $verifier )

This method should look up a session by its verifier (token hash). Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$verifier string

Verifier of the session to retrieve.

Returns

array | null

The session, or null if it does not exist.


WP_User_Meta_Session_Tokens:: get_sessions( )

This method should retrieve all sessions of a user, keyed by verifier. Since 4.0.0.

Returns

array

Sessions of a user, keyed by verifier.


WP_User_Meta_Session_Tokens:: hash_token( string $token )

Hashes a session token for storage. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$token string

Session token to hash.

Returns

string

A hash of the session token (a verifier).


WP_User_Meta_Session_Tokens:: is_still_valid( array $session )

Determine whether a session token is still valid, based on expiration. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$session array

Session to check.

Returns

boolean

Whether session is valid.


WP_User_Meta_Session_Tokens:: prepare_session( mixed $session )

Converts an expiration to an array of session information.

Arguments

Name Type(s) Default Value Description
$session mixed

Session or expiration.

Returns

array

Session.


WP_User_Meta_Session_Tokens:: update( string $token, array $session )

Update a session token. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$token string

Session token to update.

$session array

Session information.


WP_User_Meta_Session_Tokens:: update_session( string $verifier, array $session = null )

This method should update a session by its verifier. Since 4.0.0.

Omitting the second argument should destroy the session.

Arguments

Name Type(s) Default Value Description
$verifier string

Verifier of the session to update.

$session array

Optional. Session. Omitting this argument destroys the session.


WP_User_Meta_Session_Tokens:: update_sessions( array $sessions )

Update a user's sessions in the usermeta table. Since 4.0.0.

Arguments

Name Type(s) Default Value Description
$sessions array

Sessions.


WP_User_Meta_Session_Tokens:: verify( string $token )

Validate a user's session token as authentic. Since 4.0.0.

Checks that the given token is present and hasn't expired.

Arguments

Name Type(s) Default Value Description
$token string

Token to verify.

Returns

boolean

Whether the token is valid for the user.


WordPress Developer Newsletter

Stay on top of the latest WordPress API changes, developer tool updates, security alerts and more.