/**
	 * echos Provider Field
	 *
	 * Echo's the settings field that allows a provider to be enabled
	 *
	 * @return void
	 */
	public function settings_field_provider( $provider ) {

		foreach ( $this->_helper->get_all_provider_instances() as $class => $provider ) {
			$enabled = in_array( $class, $this->_settings['enabled-providers'] );
			echo '<input type="checkbox" id="itsec_two_factor_enabled-' . esc_attr( $class ) . '" name="itsec_two_factor[enabled-providers][]" value="' . esc_attr( get_class( $provider ) ) . '" ' . checked( $enabled, true, false ) . '/>';
			echo '<label for="itsec_two_factor_enabled-' . esc_attr( $class ) . '"> ';
			$provider->print_label();
			echo '</label>';
			do_action( 'two-factor-admin-options-' . $class, $enabled );
			echo '<br />';
		}

	}
	/**
	 * Gets the Two-Factor Auth provider for the specified|current user.
	 *
	 * @param int $user_id Optional. User ID. Default is 'null'.
	 * @return object|null
	 */
	public function get_primary_provider_for_user( $user_id = null ) {
		if ( empty( $user_id ) || ! is_numeric( $user_id ) ) {
			$user_id = get_current_user_id();
		}

		$providers           = $this->_helper->get_enabled_provider_instances();
		$available_providers = $this->get_available_providers_for_user( get_userdata( $user_id ) );

		// If there's only one available provider, force that to be the primary.
		if ( empty( $available_providers ) ) {
			return null;
		} elseif ( 1 === count( $available_providers ) ) {
			$provider = key( $available_providers );
		} else {
			$provider = get_user_meta( $user_id, $this->_provider_user_meta_key, true );

			// If the provider specified isn't enabled, just grab the first one that is.
			if ( ! isset( $available_providers[ $provider ] ) ) {
				$provider = key( $available_providers );
			}
		}

		/**
		 * Filter the two-factor authentication provider used for this user.
		 *
		 * @param string $provider The provider currently being used.
		 * @param int    $user_id  The user ID.
		 */
		$provider = apply_filters( 'two_factor_primary_provider_for_user', $provider, $user_id );

		if ( isset( $providers[ $provider ] ) ) {
			return $providers[ $provider ];
		}

		return null;
	}
	/**
	 * Function to instantiate our class and make it a singleton
	 */
	public static function get_instance() {
		if ( ! self::$instance ) {
			self::$instance = new self;
		}

		return self::$instance;
	}
Esempio n. 4
0
		/**
		 * Execute module upgrade
		 *
		 * @return void
		 */
		public function execute_upgrade( $old, $new ) {
			// Upgrade to new provider module system
			if ( $old < 4038 ) {

				global $wpdb;
				$settings = get_site_option( 'itsec_two_factor' );
				// If two-factor wasn't enabled or already has providers for some reason, don't worry about upgrading it
				if ( ! isset( $settings['enabled'] ) || ! $settings['enabled'] || ! empty( $settings['enabled-providers'] ) ) {
					return;
				}
				$settings = array(
					'enabled' => true,
					'enabled-providers' => array(
						'Two_Factor_Totp',
						'Two_Factor_Backup_Codes'
					)
				);
				update_site_option( 'itsec_two_factor', $settings );
				// Instantiate enabled providers so we can handle all the updating
				$helper = ITSEC_Two_Factor_Helper::get_instance();
				$helper->get_enabled_provider_instances( true );

				/**
				 * Migrate all app passes to new system
				 */
				$meta_results = $wpdb->get_results( "SELECT * FROM `{$wpdb->usermeta}` WHERE `meta_key` = 'itsec_two_factor_app_pass'" );

				foreach ( $meta_results as $user_meta ) {
					// New Style Passwords, in case any exist from other compatible plugins
					$passwords = Application_Passwords::get_user_application_passwords( $user_meta->user_id );
					if ( ! $passwords ) {
						$passwords = array();
					}

					$app_passwords = maybe_unserialize( $user_meta->meta_value );
					if ( is_array( $app_passwords ) ) {
						foreach ( $app_passwords as $name => $app_password ) {
							$passwords[]  = array(
								'name'      => $name,
								'password'  => $app_password,
								'created'   => time(),
								'last_used' => null,
								'last_ip'   => null,
							);
						}
					}
					// Store them all
					Application_Passwords::set_user_application_passwords( $user_meta->user_id, $passwords );
					delete_user_meta( $user_meta->user_id, 'itsec_two_factor_app_pass' );

				}

				/**
				 * Enable the TOTP provider for any user that is already using two-factor
				 */
				$meta_results = $wpdb->get_results( "SELECT * FROM `{$wpdb->usermeta}` WHERE `meta_key` = 'itsec_two_factor_enabled'" );
				foreach ( $meta_results as $user_meta ) {
					// Out with the old
					delete_user_meta( $user_meta->user_id, 'itsec_two_factor_enabled' );
					// Enable TOTP
					update_usermeta( $user_meta->user_id, '_two_factor_enabled_providers', array( 'Two_Factor_Totp' ) );
					// Make TOTP default
					update_usermeta( $user_meta->user_id, '_two_factor_provider', 'Two_Factor_Totp' );
				}

				// Change meta key from old 'itsec_two_factor_key' to new '_two_factor_totp_key'
				$wpdb->update( $wpdb->usermeta, array( 'meta_key' => '_two_factor_totp_key' ), array( 'meta_key' => 'itsec_two_factor_key' ) );
			}

		}