From 2c19aee6d5ea9c00f4e13b62250ec109da50b00c Mon Sep 17 00:00:00 2001
From: Sergey Biryukov <sergeybiryukov.ru@gmail.com>
Date: Thu, 18 Jun 2020 20:24:09 +0000
Subject: [PATCH] Login and Registration: Introduce `lostpassword_errors`
 filter in `retrieve_password()` for errors encountered on a password reset
 request.

This complements the `registration_errors` filter in `register_new_user()`.

Props wpdo5ea, dilipbheda.
Fixes #49521.
Built from https://develop.svn.wordpress.org/trunk@48084


git-svn-id: http://core.svn.wordpress.org/trunk@47851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/user.php    |  2 +-
 wp-includes/version.php |  2 +-
 wp-login.php            | 17 +++++++++++++++++
 3 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/wp-includes/user.php b/wp-includes/user.php
index fe2d8498f6..c174c3cedb 100644
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@@ -2553,7 +2553,7 @@ function register_new_user( $user_login, $user_email ) {
 	 * Filters the errors encountered when a new user is being registered.
 	 *
 	 * The filtered WP_Error object may, for example, contain errors for an invalid
-	 * or existing username or email address. A WP_Error object should always returned,
+	 * or existing username or email address. A WP_Error object should always be returned,
 	 * but may or may not contain errors.
 	 *
 	 * If any errors are present in $errors, this will abort the user's registration.
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 14df24d35f..9831c07128 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.5-alpha-48083';
+$wp_version = '5.5-alpha-48084';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
diff --git a/wp-login.php b/wp-login.php
index 51cd7de3ac..314e7fe42d 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -382,6 +382,23 @@ function retrieve_password() {
 	 */
 	do_action( 'lostpassword_post', $errors, $user_data );
 
+	/**
+	 * Filters the errors encountered on a password reset request.
+	 *
+	 * The filtered WP_Error object may, for example, contain errors for an invalid
+	 * username or email address. A WP_Error object should always be returned,
+	 * but may or may not contain errors.
+	 *
+	 * If any errors are present in $errors, this will abort the password reset request.
+	 *
+	 * @since 5.5.0
+	 *
+	 * @param WP_Error $errors A WP_Error object containing any errors generated
+	 *                         by using invalid credentials.
+	 * @param WP_User|false    WP_User object if found, false if the user does not exist.
+	 */
+	$errors = apply_filters( 'lostpassword_errors', $errors, $user_data );
+
 	if ( $errors->has_errors() ) {
 		return $errors;
 	}