WordPress.org

Making WordPress.org

Changeset 6753


Ignore:
Timestamp:
02/26/2018 03:56:52 AM (3 years ago)
Author:
dd32
Message:

2FA: Add a single method to enable/disable 2FA for a user.

This introduces a abstract Primary and Secondary provider class to allow us to alter how these providers handle generation behind the scenes.

See #77.

Location:
sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor
Files:
2 added
2 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-totp.php

    r6735 r6753  
    1717        return $instance;
    1818    }
    19 
    20     public function __construct() {
    21         // Ensure that the Two_Factor_Totp-specific code is added.
    22         add_action( 'two-factor-user-options-' . __CLASS__, array( $this, 'user_two_factor_options' ) );
    23 
    24         return parent::__construct();
    25     }
    26 
    27     /**
    28      * Returns the name of the provider.
    29      */
    30     public function get_label() {
    31         return _x( 'Time Based One-Time Password (Google Authenticator, Authy, etc)', 'Provider Label', 'wporg' );
    32     }
    3319}
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php

    r6749 r6753  
    187187    public function two_factor_providers( $providers) {
    188188        $wporg_providers = array(
    189             'WPORG_Two_Factor_Email'        => __DIR__ . '/providers/class-wporg-two-factor-email.php',
    190             'WPORG_Two_Factor_Totp'         => __DIR__ . '/providers/class-wporg-two-factor-totp.php',
    191             'WPORG_Two_Factor_Backup_Codes' => __DIR__ . '/providers/class-wporg-two-factor-backup-codes.php',
    192             'WPORG_Two_Factor_Slack'        => __DIR__ . '/providers/class-wporg-two-factor-slack.php'
     189            'WPORG_Two_Factor_Primary'   => __DIR__ . '/providers/class-wporg-two-factor-primary.php',
     190            'WPORG_Two_Factor_Secondary' => __DIR__ . '/providers/class-wporg-two-factor-secondary.php',
    193191        );
    194192
    195193        return $wporg_providers;
     194    }
     195
     196    /**
     197     * Simple handler to enable Two factor for a given user.
     198     * NOTE: It's assumed that the Two Factor details have been setup correctly previously.
     199     */
     200    public static function enable_two_factor( $user_id ) {
     201        // True if at least one provider method was set.
     202        return (
     203            update_user_meta( $user_id, self::PROVIDER_USER_META_KEY,          'WPORG_Two_Factor_Primary' ) ||
     204            update_user_meta( $user_id, self::ENABLED_PROVIDERS_USER_META_KEY, [ 'WPORG_Two_Factor_Primary', 'WPORG_Two_Factor_Secondary' ] )
     205        );
     206    }
     207
     208    /**
     209     * Simple handler to disable Two factor for a given user.
     210     */
     211    public static function disable_two_factor( $user_id ) {
     212        delete_user_meta( $user_id, self::PROVIDER_USER_META_KEY );
     213        delete_user_meta( $user_id, self::ENABLED_PROVIDERS_USER_META_KEY );
     214        delete_user_meta( $user_id, Two_Factor_Totp::SECRET_META_KEY );
     215        return true;
    196216    }
    197217
     
    205225
    206226        $key       = get_user_meta( $user->ID, Two_Factor_Totp::SECRET_META_KEY, true );
    207         $is_active = !! $key;
     227        $is_active = self::is_user_using_two_factor( $user->ID );
    208228        ?>
    209229
     
    377397            }
    378398
     399            if ( ! self::enable_two_factor( $user_id ) ) {
     400                wp_send_json_error( __( 'Unable to save Two Factor Authentication code. Please try again.', 'wporg' ) );
     401            }
     402
    379403            wp_send_json_success();
    380404        }
     
    392416        if ( ! current_user_can( 'edit_user', $user_id ) ) {
    393417            wp_send_json_error( __( 'You do not have permission to edit this user.' ) );
    394         };
    395 
    396         if ( ! delete_user_meta( $user_id, Two_Factor_Totp::SECRET_META_KEY ) ) {
    397             wp_send_json_error( __( 'Unable to remove Two Factor Authentication code. Please try again.', 'wporg' ) );
    398         }
    399 
    400         if ( ! update_user_meta( $user_id, Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY, [] ) ) {
     418        }
     419
     420        if ( ! self::disable_two_factor( $user_id ) ) {
    401421            wp_send_json_error( __( 'Unable to remove Two Factor Authentication code. Please try again.', 'wporg' ) );
    402422        }
Note: See TracChangeset for help on using the changeset viewer.