Changeset 6782


Timestamp:
02/27/2018 02:40:12 AM (3 years ago)
Author:
obenland
Message:

2FA Make login markup and styles blend in better

See #77.

Location:
sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor
Files:
1 deleted
3 edited

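--- a/sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php
+++ b/sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php
@@ -34,3 +34,29 @@
         return $this->is_valid_authcode( $key, $code );
     }
+
+    /**
+     * Prints the form that prompts the user to authenticate.
+     *
+     * @param WP_User $user WP_User object of the logged-in user.
+     */
+    public function authentication_page( $user ) {
+        require_once ABSPATH . '/wp-admin/includes/template.php';
+        ?>
+        <p>
+            <label for="authcode"><?php esc_html_e( 'Authentication Code:', 'wporg' ); ?></label>
+            <input type="tel" name="authcode" id="authcode" class="input" value="" size="20" pattern="[0-9]*" />
+        </p>
+        <script type="text/javascript">
+            setTimeout( function(){
+                var d;
+                try{
+                    d = document.getElementById( 'authcode' );
+                    d.value = '';
+                    d.focus();
+                } catch(e){}
+            }, 200);
+        </script>
+        <?php
+        submit_button( __( 'Authenticate', 'wporg' ), 'primary', 'submit', false );
+    }
 }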
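Review bot: The docblock on the new `authentication_page()` describes `$user` as "the logged-in user", but this form is shown before the second factor has been checked, so the wording overstates the user's state; `@param WP_User $user WP_User object of the user being authenticated.` would be more accurate. The `require_once` of `wp-admin/includes/template.php` also has no comment explaining why an admin include is loaded on the login screen; it appears to be there for `submit_button()`, and a one-line `// Provides submit_button().` above it would say so. The enclosing class starts outside this hunk.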
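--- a/sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php
+++ b/sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php
@@ -34,23 +34,22 @@
 
         if ( $email_enabled && $slack_enabled ) {
-            echo '<p>' . __( 'Enter the verification code sent to your Email, Slack, or a printed backup code.', 'wporg' ) . '</p>';
+            echo '<p class="intro">' . __( 'Enter the verification code sent to your Email, Slack, or a backup code.', 'wporg' ) . '</p>';
         } elseif ( $email_enabled ) {
-            echo '<p>' . __( 'Enter the verification code sent to your Email, or a printed backup code.', 'wporg' ) . '</p>';
+            echo '<p class="intro">' . __( 'Enter the verification code sent to your Email, or a backup code.', 'wporg' ) . '</p>';
         } else {
-            echo '<p>' . __( 'Enter a printed backup code.', 'wporg' ) . '</p>';
+            echo '<p class="intro">' . __( 'Enter a backup code.', 'wporg' ) . '</p>';
         }
-        ?>
+
+        if ( $email_enabled || $slack_enabled ) : ?>
+            <p class="two-factor-email-resend intro">
+                <button type="submit" class="button-link" name="two-factor-backup-resend"><span class="dashicons-before dashicons-controls-repeat"><?php esc_html_e( 'Resend Code', 'wporg' ); ?></span></button>
+            </p>
+        <?php endif; ?>
 
         <p>
             <label for="authcode"><?php esc_html_e( 'Verification Code:', 'wporg' ); ?></label>
-            <input type="tel" name="two-factor-backup-code" id="authcode" class="input" value="" size="20" pattern="[0-9]{6,20}" title="<?php esc_attr_e( 'Codes are at least 6 decimal digits' ); ?>" />
-            <?php submit_button( __( 'Authenticate', 'wporg' ) ); ?>
+            <input type="tel" name="two-factor-backup-code" id="authcode" class="input" value="" size="20" pattern="[0-9]{6,20}" title="<?php esc_attr_e( 'Codes are at least 6 decimal digits', 'wporg' ); ?>" />
+            <?php submit_button( __( 'Authenticate', 'wporg' ), 'primary', 'submit', false ); ?>
         </p>
-
-        <?php if ( $email_enabled || $slack_enabled ) { ?>
-            <p class="two-factor-email-resend">
-                <input type="submit" class="button" name="two-factor-backup-resend" value="<?php esc_attr_e( 'Resend Code', 'wporg' ); ?>" />
-            </p>
-        <?php } ?>
 
         <script type="text/javascript">
@@ -78,7 +77,4 @@
         ];
         $providers = apply_filters( 'wporg_two_factor_secondary_providers', $providers );
-
-        // Add some CSS for this clss.
-        wp_enqueue_style( 'two-factor-login', plugins_url( '/css/login.css', dirname( __FILE__ ) ) );
 
         foreach ( $providers as $class => $path ) {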
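Review bot: The three rewritten intro paragraphs still echo `__()` output straight into HTML, while the rest of this template uses `esc_html_e()` and `esc_attr_e()`; translated strings should be escaped on output here too, e.g. `echo '<p class="intro">' . esc_html__( 'Enter a backup code.', 'wporg' ) . '</p>';` in each branch. The resend control is now a `type="submit"` button placed before the code field and the Authenticate button; if this markup is rendered inside the login form (the form tag is outside this hunk), pressing Enter in the code field would likely submit `two-factor-backup-resend`, because implicit submission uses the first submit button in document order. Keeping the resend button after Authenticate in the markup and positioning it with CSS would avoid a typed code being discarded in favour of a resend.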
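--- a/sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php
+++ b/sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php
@@ -206,5 +206,4 @@
     }
 
-
     /**
      * Add short description. @todo
@@ -229,4 +228,132 @@
 
         exit;
+    }
+
+    /**
+     * Display the login form.
+     *
+     * @since 0.1-dev
+     *
+     * @param WP_User $user WP_User object of the logged-in user.
+     */
+    public static function show_two_factor_login( $user ) {
+        if ( ! $user ) {
+            $user = wp_get_current_user();
+        }
+
+        $login_nonce = self::create_login_nonce( $user->ID );
+        if ( ! $login_nonce ) {
+            wp_die( esc_html__( 'Failed to create a login nonce.', 'two-factor' ) );
+        }
+
+        $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : $_SERVER['REQUEST_URI'];
+
+        self::login_html( $user, $login_nonce['key'], $redirect_to );
+    }
+
+    /**
+     * Generates the html form for the second step of the authentication process.
+     *
+     * @since 0.1-dev
+     *
+     * @param WP_User       $user WP_User object of the logged-in user.
+     * @param string        $login_nonce A string nonce stored in usermeta.
+     * @param string        $redirect_to The URL to which the user would like to be redirected.
+     * @param string        $error_msg Optional. Login error message.
+     * @param string|object $provider An override to the provider.
+     */
+    public static function login_html( $user, $login_nonce, $redirect_to, $error_msg = '', $provider = null ) {
+        if ( empty( $provider ) ) {
+            $provider = self::get_primary_provider_for_user( $user->ID );
+        } elseif ( is_string( $provider ) && method_exists( $provider, 'get_instance' ) ) {
+            $provider = call_user_func( array( $provider, 'get_instance' ) );
+        }
+
+        $provider_class = get_class( $provider );
+
+        $available_providers = self::get_available_providers_for_user( $user );
+        $backup_providers = array_diff_key( $available_providers, array( $provider_class => null ) );
+        $interim_login = isset( $_REQUEST['interim-login'] ); // WPCS: override ok.
+        $wp_login_url = wp_login_url();
+
+        $rememberme = $_REQUEST['rememberme'] ?? 0;
+
+        $backup_classname = key( $backup_providers );
+        $backup_provider  = $backup_providers[ $backup_classname ];
+
+        if ( ! function_exists( 'login_header' ) ) {
+            // We really should migrate login_header() out of `wp-login.php` so it can be called from an includes file.
+            include_once( TWO_FACTOR_DIR . 'includes/function.login-header.php' );
+        }
+
+        $wp_error = new \WP_Error();
+        if ( isset( $_REQUEST['two-factor-backup-resend'] ) ) {
+            $wp_error->add( 'codes-resent', esc_html__( 'Codes were re-sent.', 'wporg' ), 'message' );
+        }
+        if ( ! empty( $error_msg ) ) {
+            $wp_error->add( 'authentication-error', esc_html( $error_msg ) );
+        }
+
+        login_header( __( 'Authenticate', 'wporg' ), '', $wp_error );
+        ?>
+
+            <form name="validate_2fa_form" id="loginform" action="<?php echo esc_url( set_url_scheme( add_query_arg( 'action', 'validate_2fa', $wp_login_url ), 'login_post' ) ); ?>" method="post" autocomplete="off">
+                <input type="hidden" name="provider"      id="provider"      value="<?php echo esc_attr( $provider_class ); ?>" />
+                <input type="hidden" name="wp-auth-id"    id="wp-auth-id"    value="<?php echo esc_attr( $user->ID ); ?>" />
+                <input type="hidden" name="wp-auth-nonce" id="wp-auth-nonce" value="<?php echo esc_attr( $login_nonce ); ?>" />
+                <?php if ( $interim_login ) : ?>
+                    <input type="hidden" name="interim-login" value="1" />
+                <?php else : ?>
+                    <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
+                <?php endif; ?>
+                <input type="hidden" name="rememberme"    id="rememberme"    value="<?php echo esc_attr( $rememberme ); ?>" />
+
+                <?php $provider->authentication_page( $user ); ?>
+            </form>
+        </div><!-- Opened in login_header() -->
+
+        <?php if ( empty( $_GET['action'] ) ) : ?>
+        <div class="backup-methods-wrap">
+            <a href="<?php echo esc_url( add_query_arg( urlencode_deep( array(
+                'action'        => 'backup_2fa',
+                'provider'      => $backup_classname,
+                'wp-auth-id'    => $user->ID,
+                'wp-auth-nonce' => $login_nonce,
+                'redirect_to'   => $redirect_to,
+                'rememberme'    => $rememberme,
+            ) ), $wp_login_url ) ); ?>"><?php esc_html_e( 'Try another way to sign in &rarr;', 'wporg' ); ?></a>
+        </div>
+        <?php endif; ?>
+
+        <style>
+            body:not(.login-action-backup_2fa):not(.login-action-validate_2fa) #login {
+                margin-bottom: 0;
+            }
+            .login-action-backup_2fa #login,
+            .login-action-validate_2fa #login {
+                margin-bottom: 24px;
+            }
+            .backup-methods-wrap {
+                margin: 24px 0;
+                text-align: center;
+            }
+            .backup-methods-wrap a {
+                color: #999;
+                text-decoration: none;
+            }
+            /* Prevent Jetpack from hiding our controls, see https://github.com/Automattic/jetpack/issues/3747 */
+            .jetpack-sso-form-display #loginform > p,
+            .jetpack-sso-form-display #loginform > div {
+                display: block;
+            }
+        </style>
+
+        <?php
+        /** This action is documented in wp-login.php */
+        do_action( 'login_footer' ); ?>
+        <div class="clear"></div>
+        </body>
+        </html>
+        <?php
     }
 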
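Review bot: The "Try another way to sign in" link in `login_html()` puts `wp-auth-nonce` and `wp-auth-id` into the query string, so the login nonce lands in browser history, access logs and possibly `Referer` headers while the user sits between the first and second factor. The main form already sends the same fields by POST; the backup link could do the same with a small form and a `button-link` submit, as sketched below, provided the `backup_2fa` handler (outside this hunk) accepts POST and the `.backup-methods-wrap a` styles are pointed at the button. The same block indexes `$backup_providers[ $backup_classname ]` without checking that any backup provider exists and never uses `$backup_provider`, so the sketch guards on `$backup_classname` instead. Separately, `$_REQUEST['redirect_to']` and `$_REQUEST['rememberme']` are read without `wp_unslash()` or a type check; `$rememberme = empty( $_REQUEST['rememberme'] ) ? 0 : 1;` would keep an array value from reaching `esc_attr()`.

```php
<?php // … unchanged: main validate_2fa form and closing </div> … ?>

<?php if ( empty( $_GET['action'] ) && $backup_classname ) : ?>
<div class="backup-methods-wrap">
    <form action="<?php echo esc_url( set_url_scheme( add_query_arg( 'action', 'backup_2fa', $wp_login_url ), 'login_post' ) ); ?>" method="post" autocomplete="off">
        <input type="hidden" name="provider"      value="<?php echo esc_attr( $backup_classname ); ?>" />
        <input type="hidden" name="wp-auth-id"    value="<?php echo esc_attr( $user->ID ); ?>" />
        <input type="hidden" name="wp-auth-nonce" value="<?php echo esc_attr( $login_nonce ); ?>" />
        <input type="hidden" name="redirect_to"   value="<?php echo esc_attr( $redirect_to ); ?>" />
        <input type="hidden" name="rememberme"    value="<?php echo esc_attr( $rememberme ); ?>" />
        <button type="submit" class="button-link"><?php esc_html_e( 'Try another way to sign in &rarr;', 'wporg' ); ?></button>
    </form>
</div>
<?php endif; ?>

<?php // … unchanged: inline <style> block and login_footer … ?>
```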