Get new, hashed password after password reset in WordPress

Question

How can I get the hashed value of the new password after a user performs password reset in WordPress?

I am using hook, after_password_reset, in my functions.php file, but $user->user_pass provides the old hashed password value (the hashed password prior to the password reset), and $new_pass provides the plain text of new password (not hashed).

I do not understand why $user->user_pass provides the old password, since the hook is performed after the new password has been reset.

Example code:

function action_after_password_reset( $user, $new_pass ) {

    $hashed_old_pass = $user->user_pass; // old hashed password, before password reset

    $unhashed_new_pass = $new_pass; // plain text of new password, unhashed

};
add_action( 'after_password_reset', 'action_after_password_reset', 10, 2 ); 

It is important to me that I get the exact hashed value of the new password that is stored in the database. I realize I could use wp_hash_password($new_pass) to create another hash of the new password, but I want the exact hashed value that is in the database.

Answer 1

At the point the action runs, the user has been updated in the table, but the user object in memory does not get updated.

You should be able to load the updated user object from the database like this:

$updated_user = get_user_by('id', $user->ID);
var_dump($updated_user->user_pass);