Wordpress password reset hook
Yes, there are hooks for this in /wp-login.php
(password reset) and /wp-admin/includes/user.php
(password change in user page).
# When reseting password in wp-login
add_action( 'password_reset', function( $user, $pass )
{
var_dump( $pass );
die();
}, 10, 2 );
and
# When checking if passwords match
add_action( 'check_passwords', function( $user, $pass1, $pass2 )
{
var_dump( $pass1 );
die();
}, 10, 3 );
neanderslob
Updated on June 04, 2022Comments
-
neanderslob almost 2 years
I'm trying to do something with wordpress passwords that may or maynot be considered kosher.
Situation:
Basically I have two different services both requiring passwords. One of these services is a simple wordpress account and one is another app, having nothing to do with wordpress. I would like to sync usernames and passwords across the two, meaning that every time a wordpress username changes, the app's username changes and every time the wordpress password changes, the app's password changes.Problem/Question:
There are several ways I could deal with the username, but the password is the tricky one. I 'm looking to exploit a hook from the wordpress password reset interface so that any time a new password is set, it grabs it in its plain-text form (before it's hashed) and sends it to an API that I'm using to hash/store the passwords separately for this non-wordpress app. Is there a way to accomplish this?Any shots at a solution are much appreciated.