Storing Dropbox Authentication?

I’m not familiar with the Dropbox API or their libraries, but most likely you’ll need to write your own session handler to store the session data in your WP DB (or wherever you want, safely) and associate it with your user account. Essentially adusting this line: $storage = new \Dropbox\OAuth\Storage\Session($encrypter);. EDIT: If it’s the WordPress … Read more

WP set auth cookie using Ajax is not saved to browser

I assume that your custom dashboard is on a different domain/subdomain than the WordPress installation. Cookies can only be set for the current domain. Typically cookies will not work cross domain. So your dashboard cannot create a cookie for the WordPress website. Theoretically it’s possible to bypass with some server configurations, but this technique has … Read more

How do I use the WP REST API plugin and the OAuth Server plugin to allow for registration and login?

I know it’s a bit far fetched, but might help. For anyone looking for WP REST API implementation with JWT, here’s our solution. Add it to your function.php add_action(‘rest_api_init’, ‘wp_rest_user_endpoints’); /** * Register a new user * * @param WP_REST_Request $request Full details about the request. * @return array $args. **/ function wp_rest_user_endpoints($request) { /** … Read more

Keep Users Logged In As Long As I Like

What you found is actually perfectly accurate. With WP’s commitment to backwards compatibility it’s not that common for thing to stop working. This filter is used in wp_set_auth_cookie() to calculate the duration. Resulting value is used in PHP’s setcookie(). There is no mention of specifics limits in documentation, so in practice the value is limited … Read more

Should wordpress_logged_in cookie exist while logged out?

The function wp_logout (https://github.com/WordPress/WordPress/blob/master/wp-includes/pluggable.php#L564) calls the function wp_clear_auth_cookie (https://github.com/WordPress/WordPress/blob/master/wp-includes/pluggable.php#L928) which sets the expiration dates of all involved cookies to something in the past. Also for the LOGGED_IN_COOKIE. Hence, what you observe is strange. For sites that I maintain, the cookie will be cleared when I log out.