/** * Display the application password section in a users profile. * * This executes during the `show_user_security_settings` action. * * @since 0.1-dev * * @access public * @static * * @param WP_User $user WP_User object of the logged-in user. */ public static function show_user_profile($user) { wp_enqueue_style('application-passwords-css', plugin_dir_url(__FILE__) . 'application-passwords.css', array()); wp_enqueue_script('application-passwords-js', plugin_dir_url(__FILE__) . 'application-passwords.js', array()); wp_localize_script('application-passwords-js', 'appPass', array('root' => esc_url_raw(rest_url()), 'namespace' => '2fa/v1', 'nonce' => wp_create_nonce('wp_rest'), 'user_id' => $user->ID)); ?> <div class="application-passwords hide-if-no-js" id="application-passwords-section"> <h2 id="application-passwords"><?php esc_html_e('Application Passwords'); ?> </h2> <p><?php esc_html_e('Application passwords allow authentication via non-interactive systems, such as XMLRPC or the REST API, without providing your actual password. Application passwords can be easily revoked. They cannot be used for traditional logins to your website.'); ?> </p> <div class="create-application-password"> <input type="text" size="30" name="new_application_password_name" placeholder="<?php esc_attr_e('New Application Password Name'); ?> " class="input" /> <?php submit_button(__('Add New'), 'secondary', 'do_new_application_password', false); ?> </div> <div class="application-passwords-list-table-wrapper"> <?php require dirname(__FILE__) . '/class.application-passwords-list-table.php'; $application_passwords_list_table = new Application_Passwords_List_Table(); $application_passwords_list_table->items = self::get_user_application_passwords($user->ID); $application_passwords_list_table->prepare_items(); $application_passwords_list_table->display(); ?> </div> </div> <script type="text/html" id="tmpl-new-application-password"> <div class="new-application-password notification-dialog-wrap"> <div class="app-pass-dialog-background notification-dialog-background"> <div class="app-pass-dialog notification-dialog"> <div class="new-application-password-content"> <?php printf(esc_html_x('Your new password for %1$s is: %2$s', 'application, password'), '<strong>{{ data.name }}</strong>', '<kbd>{{ data.password }}</kbd>'); ?> </div> <p><?php esc_attr_e('Be sure to save this in a safe location. You will not be able to retrieve it.'); ?> </p> <button class="button button-primary application-password-modal-dismiss"><?php esc_attr_e('Dismiss'); ?> </button> </div> </div> </div> </script> <script type="text/html" id="tmpl-application-password-row"> <tr data-slug="{{ data.slug }}"> <td class="name column-name has-row-actions column-primary" data-colname="<?php echo esc_attr('Name'); ?> "> {{ data.name }} </td> <td class="created column-created" data-colname="<?php echo esc_attr('Created'); ?> "> {{ data.created }} </td> <td class="last_used column-last_used" data-colname="<?php echo esc_attr('Last Used'); ?> "> {{ data.last_used }} </td> <td class="last_ip column-last_ip" data-colname="<?php echo esc_attr('Last IP'); ?> "> {{ data.last_ip }} </td> <td class="revoke column-revoke" data-colname="<?php echo esc_attr('Revoke'); ?> "> <input type="submit" name="revoke-application-password" class="button delete" value="<?php esc_attr_e('Revoke'); ?> "> </td> </tr> </script> <?php }
/** * Display the application password section in a users profile. * * This executes during the `show_user_profile` & `edit_user_profile` actions. * * @since 0.1-dev * * @access public * @static * * @param WP_User $user WP_User object of the logged-in user. */ public static function show_user_profile($user) { wp_nonce_field("user_application_passwords-{$user->ID}", '_nonce_user_application_passwords'); $new_password = null; $new_password_name = null; $application_passwords = self::get_user_application_passwords($user->ID); if ($application_passwords) { foreach ($application_passwords as &$application_password) { if (!empty($application_password['raw'])) { $new_password = $application_password['raw']; $new_password_name = $application_password['name']; unset($application_password['raw']); } } unset($application_password); } // If we've got a new one, update the db record to not save it there any longer. if ($new_password) { self::set_user_application_passwords($user->ID, $application_passwords); } ?> <div class="application-passwords" id="application-passwords-section"> <h3><?php esc_html_e('Application Passwords'); ?> </h3> <p><?php esc_html_e('Application Passwords are used to allow authentication via non-interactive systems, such as XMLRPC, where you would not otherwise be able to use your normal password due to the inability to complete the second factor of authentication.'); ?> </p> <div class="create-application-password"> <input type="text" size="30" name="new_application_password_name" placeholder="<?php esc_attr_e('New Application Password Name'); ?> " /> <?php submit_button(__('Add New'), 'secondary', 'do_new_application_password', false); ?> </div> <?php if ($new_password) { ?> <p class="new-application-password"> <?php printf(esc_html_x('Your new password for %1$s is %2$s.', 'application, password'), '<strong>' . esc_html($new_password_name) . '</strong>', '<kbd>' . esc_html(self::chunk_password($new_password)) . '</kbd>'); ?> </p> <?php } ?> <?php require dirname(__FILE__) . '/class.application-passwords-list-table.php'; // @todo Isn't this class already loaded in Two_Factor_Core::get_providers()? $application_passwords_list_table = new Application_Passwords_List_Table(); $application_passwords_list_table->items = $application_passwords; $application_passwords_list_table->prepare_items(); $application_passwords_list_table->display(); ?> </div> <?php }