Stop WordPress From Ever Logging Out

You don’t always want to login in WordPress – so I’ve turned off the login for my local development environment, since I don’t need it. So far I know two ways how to do this, which I want to introduce you briefly.
Decide for yourself which is the right way for you if you don’t need a login at all or just want to change the time frame before you logged out again.

The hard way

The first code snippet is my own solution. WordPress gives you the possibility to replace some functions directly in the core, without Plugin or via Hooks. You can find all functions for this in wp-includes/pluggable.php. There you can find, since version 2.5 of WordPress, the function wp_validate_auth_cookie(). It takes care to check the login, which I replace in my local development environment, since my site it is not accessible for anybody else. This functions gives back, if you logged in correctly, the ID of the user and that’s exactly what I’m doing. ID 1 for Admin, should exist if you didn’t change it after the installation of WordPress.
I put the following function in wp-config.php.

/**
 * Set authentication cookie.
 *
 * @param string $cookie Optional. If used, will validate contents instead of cookie's
 * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
 * @return bool|int False if invalid cookie, User ID if valid.
 */
//*
function wp_validate_auth_cookie( $cookie = '', $scheme = '' ) {
	$user_ID = (int) 1; // admin user id
	return $user_ID;
}
//*/

The block-comment-trick

If you need under certain circumstances the login for some tests then you can comment out this function. I will explain briefly the comment characters in this code, which you probably noticed.

We talk about the following characters:

//*
function ...
//*/

I just have to change the slashes in /* and the content is comment out. I got this tip from Aleem Bawany; he explains it thoroughly in his article.

Alternatively, you can also create a safe option and go many other ways – this is my path and it is simple and controllable.

Expand time of the cookie

I found on StackExchange another solution, which is much more safe and probably usable on live sites. You just change via hook the time of the cookie. At default is the „Remember me“-Checkbox set to 14 days, the following function changes it to a year. So the actual login still exists, only the time frame changes.

function keep_me_logged_in_for_1_year( $expirein ) {
    return 31556926; // 1 year in seconds
}
add_filter( 'auth_cookie_expiration', 'keep_me_logged_in_for_1_year' );

This solution was published by Alex (Viper007Bond) and it’s worth reading the comments, especially about create_function within the filter hook.
This function belongs in a Plugin or in the functions.php of the theme if it is necessary.

Two solutions with different approaches and usage. Maybe you know other solutions and let us know in the comment area.


Posted

in

by

Comments

7 responses to “Stop WordPress From Ever Logging Out”

  1. ozh Avatar

    Your “hard way” doesn’t do exactly what the post title says: it doesn’t “stop from logging out”, actually it totally bypasses the whole logging. I use exactly the same trick in my no login plugin.

    The correct way to prevent from logging out, hence actually still have a login system, is the cookie expiration.

  2. […] Stop WordPress From Ever Logging Out – WordPress, This, Optional, Plugin, StackExchange, Expan…. Onderwerp: WordPress Snippets Tags: cookie, Functions.php « Hoe de WordPress Admin […]

  3. Bjorn van der Neut Avatar

    I think your first solution can be a bit smaller:

    function wp_validate_auth_cookie( $cookie = '', $scheme = '' ) {
    return 1; // 1 = admin user
    }

    nice post as always 🙂

  4. Frank Bültge Avatar

    @ozh: thanks for share your plugin, i will see this in the next days.

    @Bjorn: right; but is ont so clearly for readers – this is my reason for this long way 😉 Thanks for your comment!

  5. Saleah @ tazalinks.com Avatar

    nice plugin, but i think this is a security risk, in case some one else get access to your pc and ruin your blog

    cheerz

  6. […] Stop WordPress From Ever Logging Out (WP Engineer) […]

  7. Thomas Herold Avatar

    Excellent! I was looking for such a solution for a long time.

    Thomas