/**
* echos Provider Field
*
* Echo's the settings field that allows a provider to be enabled
*
* @return void
*/
public function settings_field_provider( $provider ) {
foreach ( $this->_helper->get_all_provider_instances() as $class => $provider ) {
$enabled = in_array( $class, $this->_settings['enabled-providers'] );
echo '<input type="checkbox" id="itsec_two_factor_enabled-' . esc_attr( $class ) . '" name="itsec_two_factor[enabled-providers][]" value="' . esc_attr( get_class( $provider ) ) . '" ' . checked( $enabled, true, false ) . '/>';
echo '<label for="itsec_two_factor_enabled-' . esc_attr( $class ) . '"> ';
$provider->print_label();
echo '</label>';
do_action( 'two-factor-admin-options-' . $class, $enabled );
echo '<br />';
}
}
/**
* Gets the Two-Factor Auth provider for the specified|current user.
*
* @param int $user_id Optional. User ID. Default is 'null'.
* @return object|null
*/
public function get_primary_provider_for_user( $user_id = null ) {
if ( empty( $user_id ) || ! is_numeric( $user_id ) ) {
$user_id = get_current_user_id();
}
$providers = $this->_helper->get_enabled_provider_instances();
$available_providers = $this->get_available_providers_for_user( get_userdata( $user_id ) );
// If there's only one available provider, force that to be the primary.
if ( empty( $available_providers ) ) {
return null;
} elseif ( 1 === count( $available_providers ) ) {
$provider = key( $available_providers );
} else {
$provider = get_user_meta( $user_id, $this->_provider_user_meta_key, true );
// If the provider specified isn't enabled, just grab the first one that is.
if ( ! isset( $available_providers[ $provider ] ) ) {
$provider = key( $available_providers );
}
}
/**
* Filter the two-factor authentication provider used for this user.
*
* @param string $provider The provider currently being used.
* @param int $user_id The user ID.
*/
$provider = apply_filters( 'two_factor_primary_provider_for_user', $provider, $user_id );
if ( isset( $providers[ $provider ] ) ) {
return $providers[ $provider ];
}
return null;
}
/**
* Function to instantiate our class and make it a singleton
*/
public static function get_instance() {
if ( ! self::$instance ) {
self::$instance = new self;
}
return self::$instance;
}
/**
* Execute module upgrade
*
* @return void
*/
public function execute_upgrade( $old, $new ) {
// Upgrade to new provider module system
if ( $old < 4038 ) {
global $wpdb;
$settings = get_site_option( 'itsec_two_factor' );
// If two-factor wasn't enabled or already has providers for some reason, don't worry about upgrading it
if ( ! isset( $settings['enabled'] ) || ! $settings['enabled'] || ! empty( $settings['enabled-providers'] ) ) {
return;
}
$settings = array(
'enabled' => true,
'enabled-providers' => array(
'Two_Factor_Totp',
'Two_Factor_Backup_Codes'
)
);
update_site_option( 'itsec_two_factor', $settings );
// Instantiate enabled providers so we can handle all the updating
$helper = ITSEC_Two_Factor_Helper::get_instance();
$helper->get_enabled_provider_instances( true );
/**
* Migrate all app passes to new system
*/
$meta_results = $wpdb->get_results( "SELECT * FROM `{$wpdb->usermeta}` WHERE `meta_key` = 'itsec_two_factor_app_pass'" );
foreach ( $meta_results as $user_meta ) {
// New Style Passwords, in case any exist from other compatible plugins
$passwords = Application_Passwords::get_user_application_passwords( $user_meta->user_id );
if ( ! $passwords ) {
$passwords = array();
}
$app_passwords = maybe_unserialize( $user_meta->meta_value );
if ( is_array( $app_passwords ) ) {
foreach ( $app_passwords as $name => $app_password ) {
$passwords[] = array(
'name' => $name,
'password' => $app_password,
'created' => time(),
'last_used' => null,
'last_ip' => null,
);
}
}
// Store them all
Application_Passwords::set_user_application_passwords( $user_meta->user_id, $passwords );
delete_user_meta( $user_meta->user_id, 'itsec_two_factor_app_pass' );
}
/**
* Enable the TOTP provider for any user that is already using two-factor
*/
$meta_results = $wpdb->get_results( "SELECT * FROM `{$wpdb->usermeta}` WHERE `meta_key` = 'itsec_two_factor_enabled'" );
foreach ( $meta_results as $user_meta ) {
// Out with the old
delete_user_meta( $user_meta->user_id, 'itsec_two_factor_enabled' );
// Enable TOTP
update_usermeta( $user_meta->user_id, '_two_factor_enabled_providers', array( 'Two_Factor_Totp' ) );
// Make TOTP default
update_usermeta( $user_meta->user_id, '_two_factor_provider', 'Two_Factor_Totp' );
}
// Change meta key from old 'itsec_two_factor_key' to new '_two_factor_totp_key'
$wpdb->update( $wpdb->usermeta, array( 'meta_key' => '_two_factor_totp_key' ), array( 'meta_key' => 'itsec_two_factor_key' ) );
}
}