kawaiipunk/laipower
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updated plugin WP-WebAuthn version 1.4.1

Browse Source
This commit is contained in:
KawaiiPunk
2026-06-03 21:27:37 +00:00
committed by Gitium
parent e4b9b8235b
commit 5cd2237fad
39 changed files with 2660 additions and 1265 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
wp-content/plugins/wp-webauthn/wwa-compatibility.php
View File

@ -1,5 +1,61 @@
<?php
// Two Factor
if(has_action('wp_login', array('Two_Factor_Core', 'wp_login')) !== false){
remove_action('wp_login', array('Two_Factor_Core', 'wp_login'), 10, 2);
if (!defined('ABSPATH')) {
exit;
}
if (!function_exists('wwa_is_webauthn_ajax_login_request')) {
function wwa_is_webauthn_ajax_login_request(): bool
{
if (!function_exists('wp_doing_ajax') || !wp_doing_ajax()) {
return false;
}
$action = isset($_REQUEST['action'])
? sanitize_text_field(wp_unslash($_REQUEST['action']))
: '';
return in_array($action, array('wwa_auth_start', 'wwa_auth'), true);
}
}
if (wwa_is_webauthn_ajax_login_request() && class_exists('Two_Factor_Core')) {
/**
* 1) Prevent Two-Factor from redirecting passwordless WebAuthn logins
* into its own wp_login challenge flow.
*/
$prio = has_action('wp_login', array('Two_Factor_Core', 'wp_login'));
if ($prio !== false) {
remove_action('wp_login', array('Two_Factor_Core', 'wp_login'), $prio);
}
// Defensive cleanup for common / unexpected priorities.
remove_action('wp_login', array('Two_Factor_Core', 'wp_login'), 1);
remove_action('wp_login', array('Two_Factor_Core', 'wp_login'), 10);
remove_action('wp_login', array('Two_Factor_Core', 'wp_login'), 100);
remove_action('wp_login', array('Two_Factor_Core', 'wp_login'), PHP_INT_MAX);
/**
* 2) Prevent Two-Factor from reporting enabled providers during
* the passwordless WebAuthn AJAX auth flow only.
*
* This keeps Two-Factor fully active for normal password logins.
*/
add_filter('two_factor_enabled_providers_for_user', function ($enabled, $user_id) {
return array();
}, 9, 2);
/**
* 3) If Two-Factor previously blocked auth cookies in this request,
* allow them again so WP-WebAuthn can complete login successfully.
*/
$cookie_prio = has_filter('send_auth_cookies', '__return_false');
if ($cookie_prio !== false) {
remove_filter('send_auth_cookies', '__return_false', $cookie_prio);
}
remove_filter('send_auth_cookies', '__return_false', 31);
remove_filter('send_auth_cookies', '__return_false', 100);
remove_filter('send_auth_cookies', '__return_false', PHP_INT_MAX);
}