From 51efe1c01b923e68ed9732ec7f692165e8e0c4b3 Mon Sep 17 00:00:00 2001
From: Thrijith Thankachan <thrijith13@gmail.com>
Date: Tue, 13 Feb 2018 01:48:07 +0530
Subject: [PATCH 1/2] add check-password subcommand to validate user
 credentials

---
 features/user.feature | 21 +++++++++++++++++++++
 src/User_Command.php  | 37 +++++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+)

diff --git a/features/user.feature b/features/user.feature
index 1ddc1fcb4..fc2fa274f 100644
--- a/features/user.feature
+++ b/features/user.feature
@@ -64,6 +64,27 @@ Feature: Manage WordPress users
     When I run `wp user delete {USER_ID} --yes`
     Then STDOUT should not be empty
 
+    When I run `wp user create testuser3 testuser3@example.com --user_pass=testuser3pass`
+    Then STDOUT should not contain:
+       """
+       Password:
+       """
+
+    # Check with valid password.
+    When I run `wp user check-password testuser3 testuser3pass`
+    Then the return code should be 0
+
+    # Check with invalid password.
+    When I try `wp user check-password testuser3 invalidpass`
+    Then the return code should be 1
+
+    When I try `wp user check-password invaliduser randomstring`
+    Then STDERR should contain:
+      """
+      Invalid user ID, email or login: 'invaliduser'
+      """
+    And the return code should be 1
+
   Scenario: Reassigning user posts
     Given a WP multisite install
 
diff --git a/src/User_Command.php b/src/User_Command.php
index de54d57be..507b0a962 100644
--- a/src/User_Command.php
+++ b/src/User_Command.php
@@ -1197,4 +1197,41 @@ private function update_msuser_status( $user_ids, $pref, $value ) {
 		Utils\report_batch_operation_results( 'user', $verb, count( $user_ids ), $successes, $errors );
 	}
 
+	/**
+	 * Checks if given user credentials are valid or not.
+	 *
+	 * ## OPTIONS
+	 *
+	 * <user>
+	 * : The user login or user email of the user to check credentials.
+	 *
+	 * <user_pass>
+	 * : A string that contains the plain text password for the user.
+	 *
+	 * ## EXAMPLES
+	 *
+	 *     # Check whether given credentials are valid; exit status 0 if valid, otherwise 1
+	 *     $ wp user check-password admin adminpass
+	 *     $ echo $?
+	 *     1
+	 *
+	 *     # Bash script for checking whether given credentials are valid or not
+	 *     if ! $(wp user check-password admin adminpass); then
+	 *      notify-send "Invalid Credentials";
+	 *     fi
+	 *
+	 * @subcommand check-password
+	 */
+	public function check_password( $args ) {
+
+		$user      = $this->fetcher->get_check( $args[0] );
+		$user_pass = $args[1];
+
+		if ( wp_check_password( $user_pass, $user->data->user_pass, $user->ID ) ) {
+			WP_CLI::halt( 0 );
+		} else {
+			WP_CLI::halt( 1 );
+		}
+	}
+
 }

From 60a1d2c0593da9d6a55a5ce4ed5a7928f4fddb64 Mon Sep 17 00:00:00 2001
From: Thrijith Thankachan <thrijith13@gmail.com>
Date: Tue, 13 Feb 2018 21:57:11 +0530
Subject: [PATCH 2/2] update code according to review

---
 src/User_Command.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/User_Command.php b/src/User_Command.php
index 507b0a962..a7f2b5faa 100644
--- a/src/User_Command.php
+++ b/src/User_Command.php
@@ -1198,12 +1198,12 @@ private function update_msuser_status( $user_ids, $pref, $value ) {
 	}
 
 	/**
-	 * Checks if given user credentials are valid or not.
+	 * Checks if a user's password is valid or not.
 	 *
 	 * ## OPTIONS
 	 *
 	 * <user>
-	 * : The user login or user email of the user to check credentials.
+	 * : The user login, user email or user ID of the user to check credentials for.
 	 *
 	 * <user_pass>
 	 * : A string that contains the plain text password for the user.