[nehagoyal]

for what purpose the function bb_auth is used and what value is passed to argument $scheme

[kevinjohngallagher]

function bb_auth( $scheme = 'auth' )

{ // Checks if a user has a valid cookie, if not redirects them to the main page

}

I’m guessing it “Checks if a user has a valid cookie, if not redirects them to the main page”

First link on google

[_ck_]

1.x supports SSL so scheme can also be for SSL ‘secure_auth’

I guess the idea is to use a different cookie than the one exposed via http.

[Ben L.]

There’s also bb_auth( 'logged_in' ) if you aren’t checking if the user can be in bb-admin.

[Ashish Kumar (Ashfame)]

@Ben

Didn’t get your point. I can’t see that in file either functions.bb-pluggable.php

[Ben L.]

bb_auth() can be called with 'logged_in' as the $scheme to check if a user is logged in.

[Ashish Kumar (Ashfame)]

but there is nothing in the function definition for an argument 'logged-in'

how did you get that?

[nehagoyal]

@ashfame

in the function bb_salt($scheme), there are 4 cases for the variable $scheme one of which checks for the value ‘logged_in’ (all are auth, secure_auth, logged_in, nonce)

[Ashish Kumar (Ashfame)]

@nehagoyal

and we are talking of bb_auth() here. Aren’t we?

[Ben L.]

bb_auth calls bb_validate_auth_cookie, which calls WP_Auth::validate_auth_cookie, which uses a variable defined in bb-settings.php. The cookies you can check for are auth and logged_in, with auth automatically switching to secure_auth if you’re on SSL.