/**
* Displays an admin notice when backup codes have run out.
*
* @since 0.1-dev
*/
public function admin_notices()
{
$user = wp_get_current_user();
// Return if the provider is not enabled.
if (!in_array(__CLASS__, Two_Factor_Core::get_enabled_providers_for_user($user->ID))) {
return;
}
// Return if we are not out of codes.
if ($this->is_available_for_user($user)) {
return;
}
?>
<div class="error">
<p>
<span><?php
esc_html_e('Two-Factor: You are out of backup codes and need to ');
?>
<span>
<a href="<?php
echo esc_url(get_edit_user_link($user->ID) . '#two-factor-backup-codes');
?>
"><?php
esc_html_e('regenerate!');
?>
</a>
</p>
</div>
<?php
}
/**
* Displays an admin notice when backup codes have run out.
*
* @since 0.1-dev
*/
public function admin_notices()
{
$user = wp_get_current_user();
// Return if the provider is not enabled.
if (!in_array(__CLASS__, Two_Factor_Core::get_enabled_providers_for_user($user->ID))) {
return;
}
}
/**
* @covers Two_Factor_Core::get_enabled_providers_for_user
*/
public function test_get_enabled_providers_for_user_logged_in()
{
$user = new WP_User($this->factory->user->create());
$old_user_id = get_current_user_id();
wp_set_current_user($user->ID);
$result = Two_Factor_Core::get_enabled_providers_for_user();
$this->assertEmpty($result);
wp_set_current_user($old_user_id);
}
/**
* Filter the user to authenticate.
*
* @since 0.1-dev
*
* @access public
* @static
*
* @param WP_User $input_user User to authenticate.
* @param string $username User login.
* @param string $password User password.
*/
public static function authenticate( $input_user, $username, $password ) {
$api_request = ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST );
if ( ! apply_filters( 'application_password_is_api_request', $api_request ) ) {
return $input_user;
}
$user = get_user_by( 'login', $username );
// If the login name is invalid, short circuit.
if ( ! $user ) {
return $input_user;
}
/*
* Strip out anything non-alphanumeric. This is so passwords can be used with
* or without spaces to indicate the groupings for readability.
*/
$password = preg_replace( '/[^a-z\d]/i', '', $password );
$hashed_passwords = get_user_meta( $user->ID, self::USERMETA_KEY_APPLICATION_PASSWORDS, true );
foreach ( $hashed_passwords as $key => $item ) {
if ( wp_check_password( $password, $item['password'], $user->ID ) ) {
$item['last_used'] = time();
$item['last_ip'] = $_SERVER['REMOTE_ADDR'];
$hashed_passwords[ $key ] = $item;
update_user_meta( $user->ID, self::USERMETA_KEY_APPLICATION_PASSWORDS, $hashed_passwords );
return $user;
}
}
// If the user uses two factor and no valid API credentials were used, return an error
if ( Two_Factor_Core::is_user_using_two_factor( $user->ID ) ) {
return new WP_Error( 'invalid_application_credentials', __( '<strong>ERROR</strong>: Invalid API credentials provided.' ) );
}
// By default, return what we've been passed.
return $input_user;
}
/**
* Displays an admin notice when backup codes have run out.
*
* @since 0.1-dev
*/
public function admin_notices() {
$user = wp_get_current_user();
// Return if the provider is not enabled.
if ( ! in_array( __CLASS__, Two_Factor_Core::get_enabled_providers_for_user( $user->ID ) ) ) {
return;
}
// Return if we are not out of codes.
if ( $this->is_available_for_user( $user ) ) {
return;
}
?>
<div class="error">
<p>
<span><?php printf( // WPCS: XSS OK.
__( 'Two-Factor: You are out of backup codes and need to <a href="%s">regenerate!</a>', 'it-l10n-ithemes-security-pro' ),
esc_url( get_edit_user_link( $user->ID ) . '#two-factor-backup-codes' )
); ?><span>
</p>
</div>
<?php
}
<?php
/**
* Plugin Name: Two Factor
* Plugin URI: http://github.com/georgestephanis/two-factor/
* Description: A prototype extensible core to enable Two-Factor Authentication.
* Author: George Stephanis
* Version: 0.1-dev
* Author URI: http://stephanis.info
* Network: True
*/
/**
* Shortcut constant to the path of this file.
*/
define('TWO_FACTOR_DIR', plugin_dir_path(__FILE__));
/**
* Include the base class here, so that other plugins can also extend it.
*/
require_once TWO_FACTOR_DIR . 'providers/class.two-factor-provider.php';
/**
* Include the core that handles the common bits.
*/
require_once TWO_FACTOR_DIR . 'class.two-factor-core.php';
Two_Factor_Core::add_hooks();
<?php
/**
* Plugin Name: Two Factor
* Plugin URI: http://github.com/georgestephanis/two-factor/
* Description: A prototype extensible core to enable Two-Factor Authentication.
* Author: George Stephanis
* Version: 0.1-dev
* Author URI: http://stephanis.info
*/
/**
* Shortcut constant to the path of this file.
*/
define('TWO_FACTOR_DIR', plugin_dir_path(__FILE__));
/**
* Include the base class here, so that other plugins can also extend it.
*/
require_once TWO_FACTOR_DIR . 'providers/class.two-factor-provider.php';
/**
* Include the core that handles the common bits.
*/
require_once TWO_FACTOR_DIR . 'class.two-factor-core.php';
Two_Factor_Core::get_instance();
/**
* Include the application passwords system.
*/
require_once TWO_FACTOR_DIR . 'class.application-passwords.php';
Application_Passwords::add_hooks();
/**
* @covers Two_Factor_Core::is_user_using_two_factor
*/
public function test_is_user_using_two_factor_not_logged_in()
{
$this->assertFalse(Two_Factor_Core::is_user_using_two_factor());
}
