From 5553e0112af7098a4e4fe4821bacfa8f0e6efead Mon Sep 17 00:00:00 2001
From: John Blackbourn <johnbillion@git.wordpress.org>
Date: Thu, 7 Jan 2021 17:24:32 +0000
Subject: [PATCH] Login and Registration: Introduce the
 `lostpassword_user_data` filter which allows for the user data object during
 a password reset request to be filtered.

Props marcelo2605

Fixes #51924


git-svn-id: https://develop.svn.wordpress.org/trunk@49945 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-login.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/wp-login.php b/src/wp-login.php
index f244433609..700901f857 100644
--- a/src/wp-login.php
+++ b/src/wp-login.php
@@ -369,6 +369,19 @@ function retrieve_password() {
 		$user_data = get_user_by( 'login', $login );
 	}
 
+	/**
+	 * Filters the user data during a password reset request.
+	 *
+	 * Allows, for example, custom validation using data other than username or email address.
+	 *
+	 * @since 5.7.0
+	 *
+	 * @param WP_User|false $user_data WP_User object if found, false if the user does not exist.
+	 * @param WP_Error      $errors    A WP_Error object containing any errors generated
+	 *                                 by using invalid credentials.
+	 */
+	$user_data = apply_filters( 'lostpassword_user_data', $user_data, $errors );
+
 	/**
 	 * Fires before errors are returned from a password reset request.
 	 *