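/**
 * First-factor (username/password) step of the two-factor login flow.
 *
 * Verifies the plugin's login nonce, checks the credentials through
 * mo2f_wp_authenticate_username_password(), records the first-factor result
 * in the PHP session and then either hands off to the matching second-factor
 * handler or completes the login when two-factor is not enabled for the
 * user's role.
 *
 * NOTE(review): the signature matches a WordPress `authenticate` filter
 * callback; the hook registration is not visible here. Confirm.
 *
 * @param mixed  $user     Passed through unchanged to mo2f_wp_authenticate_username_password().
 * @param string $username Submitted username.
 * @param string $password Submitted password.
 *
 * @return WP_Error|null A WP_Error when the request or the credentials are
 *                       rejected. Every other path returns nothing; the
 *                       $this->mo2f*_... helpers are presumably responsible
 *                       for rendering the next step or finishing the login
 *                       (not visible here, so verify).
 */
function mo2f_check_username_password($user, $username, $password)
{
    // No plugin nonce in the request: reject with an empty WP_Error. The error
    // is deliberately left without a code or message, as in the original.
    if (!isset($_POST['miniorange_login_nonce'])) {
        return new WP_Error();
    }

    if (!wp_verify_nonce($_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce')) {
        wp_logout();
        $error = new WP_Error();
        $error->add('empty_username', __('<strong>ERROR</strong>: Invalid Request.'));
        return $error;
    }

    $currentuser = mo2f_wp_authenticate_username_password($user, $username, $password);
    if (is_wp_error($currentuser)) {
        return $currentuser;
    }

    if (!session_id() || session_id() == '' || !isset($_SESSION)) {
        session_start();
    }

    // NOTE(review): these keys are written after only the password check has
    // passed, and the session id is not regenerated in this function. Any code
    // that reads 'mo2f_current_user' must not treat it as a completed login;
    // confirm where the session id is rotated.
    $_SESSION['mo2f_current_user'] = $currentuser;
    $_SESSION['mo2f_1stfactor_status'] = 'VALIDATE_SUCCESS';

    // Only the first role is consulted. A user whose two-factor-enabled role is
    // not the first entry, or who has no role at all, takes the "not activated"
    // branch below and is logged in without a second factor.
    $roles = (array) $currentuser->roles;
    $current_role = array_shift($roles);

    if (!get_option('mo2fa_' . $current_role)) {
        // Plugin is not activated for this role: log the user in without a second factor.
        $this->mo2fa_pass2login();
        return;
    }

    $email = get_user_meta($currentuser->ID, 'mo_2factor_map_id_with_email', true);
    $registration_status = get_user_meta($currentuser->ID, 'mo_2factor_user_registration_status', true);

    // Client-supplied attributes for the risk-based (RBA) check. Anything that
    // is not a string (for example an array-valued POST field) is treated as
    // absent, so stripslashes() cannot raise an uncaught TypeError at login.
    $attributes = (isset($_POST['miniorange_rba_attribures']) && is_string($_POST['miniorange_rba_attribures']))
        ? $_POST['miniorange_rba_attribures']
        : null;

    if (!($email && $registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS')) {
        // The user has not finished configuring a second factor: set the
        // session state that selects the setup or registration prompt.
        $_SESSION['mo2f-login-message'] = '';
        if ($registration_status == 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR') {
            $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
        } else {
            $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_PROMPT_FOR_USER_REGISTRATION';
        }
        return;
    }

    // RBA flow. The result stays null when the call throws, so a failed RBA
    // lookup falls through to the second-factor prompt instead of reading an
    // undefined variable.
    $mo2f_rba_status = null;
    try {
        $mo2f_rba_status = mo2f_collect_attributes($email, stripslashes((string) $attributes));
    } catch (Exception $e) {
        // Logged rather than echoed: the message is backend error text and
        // should not be written into the login response.
        error_log('mo2f_collect_attributes failed: ' . $e->getMessage());
    }

    // The second factor is skipped only on an exact 'SUCCESS' status together
    // with a truthy decision flag; a loose comparison would also accept
    // non-string values such as true.
    // NOTE(review): the decision is derived from attributes the client posts;
    // confirm mo2f_collect_attributes() does not trust them on their own.
    $rba_allows_skip = isset($mo2f_rba_status['status'], $mo2f_rba_status['decision_flag'])
        && $mo2f_rba_status['status'] === 'SUCCESS'
        && $mo2f_rba_status['decision_flag'];

    if ($rba_allows_skip) {
        $this->mo2fa_pass2login();
        return;
    }

    $_SESSION['mo2f_rba_status'] = $mo2f_rba_status;
    $mo2f_second_factor = mo2f_get_user_2ndfactor($currentuser);

    // Dispatch to the handler for the user's configured second factor.
    switch ($mo2f_second_factor) {
        case 'MOBILE AUTHENTICATION':
            $this->mo2f_pass2login_mobile_verification($currentuser);
            break;

        case 'PUSH NOTIFICATIONS':
        case 'OUT OF BAND EMAIL':
            $this->mo2f_pass2login_push_oobemail_verification($currentuser, $mo2f_second_factor);
            break;

        case 'SOFT TOKEN':
        case 'SMS':
        case 'PHONE VERIFICATION':
        case 'GOOGLE AUTHENTICATOR':
            $this->mo2f_pass2login_otp_verification($currentuser, $mo2f_second_factor);
            break;

        case 'KBA':
            $this->mo2f_pass2login_kba_verification($currentuser);
            break;

        default:
            // Unknown or missing method: clear the in-progress state and reject the login.
            $this->remove_current_activity();
            $error = new WP_Error();
            $error->add('empty_username', __('<strong>ERROR</strong>: Please try again or contact your admin.'));
            return $error;
    }
}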
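/**
 * Password login handler for the mode where users with a configured second
 * factor must log in with their phone instead of a password.
 *
 * Checks the credentials through mo2f_wp_authenticate_username_password().
 * When two-factor is enabled for the user's role and the user has a second
 * factor set up, password login is refused. Otherwise the user is passed to
 * mo2f_verify_and_authenticate_userlogin().
 *
 * @param mixed  $user     Passed through unchanged to mo2f_wp_authenticate_username_password().
 * @param string $username Submitted username.
 * @param string $password Submitted password.
 *
 * @return WP_Error|null A WP_Error when the credentials are rejected or
 *                       password login is disabled for the user; nothing
 *                       otherwise.
 */
function mo2fa_default_login($user, $username, $password)
{
    $currentuser = mo2f_wp_authenticate_username_password($user, $username, $password);
    if (is_wp_error($currentuser)) {
        return $currentuser;
    }

    // Take the first role by position rather than by index 0, the same way
    // mo2f_check_username_password() does. The roles array is not guaranteed
    // to be keyed from 0; reading roles[0] on such a user yields null, the
    // 'mo2fa_' option lookup then fails, and the user is logged in by password
    // even though two-factor is enabled for their role.
    // Only the first role is consulted; later roles are ignored.
    $roles = (array) $currentuser->roles;
    $current_role = array_shift($roles);

    if (!get_option('mo2fa_' . $current_role)) {
        // Plugin is not activated for this role: plain password login.
        $this->mo2f_verify_and_authenticate_userlogin($currentuser);
        return;
    }

    if (!session_id() || session_id() == '' || !isset($_SESSION)) {
        session_start();
    }

    // Existing users with a registered mobile, or users who have finished
    // configuring a second factor, may not log in with a password.
    $second_factor_configured =
        get_user_meta($currentuser->ID, 'mo_2factor_mobile_registration_status', true) == 'MO_2_FACTOR_SUCCESS'
        || (
            get_user_meta($currentuser->ID, 'mo_2factor_map_id_with_email', true)
            && get_user_meta($currentuser->ID, 'mo_2factor_user_registration_status', true) == 'MO_2_FACTOR_PLUGIN_SETTINGS'
        );

    if ($second_factor_configured) {
        $error = new WP_Error();
        $error->add('empty_username', __('<strong>ERROR</strong>: Login with password is disabled for you.Please Login using your phone'));
        return $error;
    }

    // No second factor configured yet: log the user in without asking for one.
    $this->mo2f_verify_and_authenticate_userlogin($currentuser);
}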