login-debug.php

@@ -37,6 +37,14 @@ add_action('auth_cookie_bad_hash', 'debug_login_auth_cookie_bad_hash');
 function debug_login_auth_cookie_bad_session_token($cookie_elements) {
     $username = $cookie_elements['username'];
     $token = $cookie_elements['token'];
-    error_log("LOGIN: auth_cookie_bad_session_token: username={$username} token={$token}");
+
+    // Try to see if the validation fails because of session_tokens usermeta attribute.
+    $user = get_user_by('login', $username);
+    $manager = WP_Session_Tokens::get_instance( $user->ID );
+    $verifier = $manager->hash_token($token);
+    $sessions = $manager->get_sessions();
+    $session_names = implode(",", array_keys($sessions));
+
+    error_log("LOGIN: auth_cookie_bad_session_token: username={$username} token={$token} verifier={$verifier} sessions={$session_names}");
 }
 add_action('auth_cookie_bad_session_token', 'debug_login_auth_cookie_bad_session_token');