updated plugin WP-WebAuthn version 1.3.1

2023-10-22 22:21:36 +00:00
committed by Gitium
parent 959829cf69
commit c7746517a0
931 changed files with 5408 additions and 1937 deletions


@ -40,9 +40,18 @@ function wwa_init_new_options(){
if(wwa_get_option('remember_me') === false){
wwa_update_option('remember_me', 'false');
}
if(wwa_get_option('email_login') === false){
wwa_update_option('email_login', 'false');
}
if(wwa_get_option('usernameless_login') === false){
wwa_update_option('usernameless_login', 'false');
}
if(wwa_get_option('password_reset') === false){
wwa_update_option('password_reset', 'off');
}
if(wwa_get_option('after_user_registration') === false){
wwa_update_option('after_user_registration', 'none');
}
}
// Create random strings for user ID
@ -71,7 +80,7 @@ function wwa_add_log($id, $content = '', $init = false){
if($log === false){
$log = array();
}
$log[] = '['.date('Y-m-d H:i:s', current_time('timestamp')).']['.$id.'] '.$content;
$log[] = '['.current_time('mysql').']['.$id.'] '.$content;
update_option('wwa_log', $log);
}
@ -100,9 +109,8 @@ function wwa_delete_user($user_id){
$res_id = wwa_generate_random_string(5);
$user_data = get_userdata($user_id);
$all_user_meta = wwa_get_option("user_id");
$user_key = "";
wwa_add_log($res_id, "Delete user => \"".$user_data->user_login."\"");
$all_user_meta = wwa_get_option('user_id');
$user_key = '';
// Delete user meta
foreach($all_user_meta as $user => $id){
@ -114,26 +122,26 @@ function wwa_delete_user($user_id){
}
// Delete credentials
$all_credentials_meta = json_decode(wwa_get_option("user_credentials_meta"), true);
$all_credentials = json_decode(wwa_get_option("user_credentials"), true);
$all_credentials_meta = json_decode(wwa_get_option('user_credentials_meta'), true);
$all_credentials = json_decode(wwa_get_option('user_credentials'), true);
foreach($all_credentials_meta as $credential => $meta){
if($user_key === $meta["user"]){
if($user_key === $meta['user']){
wwa_add_log($res_id, "Delete credential => \"".$credential."\"");
unset($all_credentials_meta[$credential]);
unset($all_credentials[$credential]);
}
}
wwa_update_option("user_id", $all_user_meta);
wwa_update_option("user_credentials_meta", json_encode($all_credentials_meta));
wwa_update_option("user_credentials", json_encode($all_credentials));
wwa_add_log($res_id, "Done");
wwa_update_option('user_id', $all_user_meta);
wwa_update_option('user_credentials_meta', json_encode($all_credentials_meta));
wwa_update_option('user_credentials', json_encode($all_credentials));
wwa_add_log($res_id, "Deleted user => \"".$user_data->user_login."\"");
}
add_action('delete_user', 'wwa_delete_user');
// Add CSS and JS in login page
function wwa_login_js(){
$wwa_not_allowed = false;
if(!function_exists("mb_substr") || !function_exists("gmp_intval") || !wwa_check_ssl() && (parse_url(site_url(), PHP_URL_HOST) !== 'localhost' && parse_url(site_url(), PHP_URL_HOST) !== '127.0.0.1')){
if(!function_exists('mb_substr') || !function_exists('gmp_intval') || !wwa_check_ssl() && (parse_url(site_url(), PHP_URL_HOST) !== 'localhost' && parse_url(site_url(), PHP_URL_HOST) !== '127.0.0.1')){
$wwa_not_allowed = true;
}
wp_enqueue_script('wwa_login', plugins_url('js/login.js', __FILE__), array(), get_option('wwa_version')['version'], true);
@ -143,8 +151,11 @@ function wwa_login_js(){
'admin_url' => admin_url(),
'usernameless' => (wwa_get_option('usernameless_login') === false ? 'false' : wwa_get_option('usernameless_login')),
'remember_me' => (wwa_get_option('remember_me') === false ? 'false' : wwa_get_option('remember_me')),
'email_login' => (wwa_get_option('email_login') === false ? 'false' : wwa_get_option('email_login')),
'allow_authenticator_type' => (wwa_get_option('allow_authenticator_type') === false ? "none" : wwa_get_option('allow_authenticator_type')),
'webauthn_only' => ($first_choice === 'webauthn' && !$wwa_not_allowed) ? 'true' : 'false',
'password_reset' => ((wwa_get_option('password_reset') === false || wwa_get_option('password_reset') === 'off') ? 'false' : 'true'),
'separator' => apply_filters('login_link_separator', ' | '),
'i18n_1' => __('Auth', 'wp-webauthn'),
'i18n_2' => __('Authenticate with WebAuthn', 'wp-webauthn'),
'i18n_3' => __('Hold on...', 'wp-webauthn'),
@ -167,7 +178,7 @@ add_action('login_enqueue_scripts', 'wwa_login_js', 999);
// Disable password login
function wwa_disable_password($user){
if(!function_exists("mb_substr") || !function_exists("gmp_intval") || !wwa_check_ssl() && (parse_url(site_url(), PHP_URL_HOST) !== 'localhost' && parse_url(site_url(), PHP_URL_HOST) !== '127.0.0.1')){
if(!function_exists('mb_substr') || !function_exists('gmp_intval') || !wwa_check_ssl() && (parse_url(site_url(), PHP_URL_HOST) !== 'localhost' && parse_url(site_url(), PHP_URL_HOST) !== '127.0.0.1')){
return $user;
}
if(wwa_get_option('first_choice') === 'webauthn'){
@ -183,6 +194,52 @@ function wwa_disable_password($user){
}
add_filter('wp_authenticate_user', 'wwa_disable_password', 10, 1);
function wwa_handle_user_register($user_id){
if(wwa_get_option('password_reset') === 'admin' || wwa_get_option('password_reset') === 'all'){
update_user_option($user_id, 'default_password_nag', false);
}
if(wwa_get_option('after_user_registration') === 'login'){
wp_set_current_user($user_id);
wp_set_auth_cookie($user_id);
wp_redirect(admin_url('profile.php?wwa_registered=true#wwa-webauthn-start'));
exit;
}
}
add_action('register_new_user', 'wwa_handle_user_register');
// Disable Password Reset URL & Redirect
function wwa_disable_lost_password(){
if((wwa_get_option('password_reset') === 'admin' || wwa_get_option('password_reset') === 'all') && isset( $_GET['action'] )){
if(in_array($_GET['action'], array('lostpassword', 'retrievepassword', 'resetpass', 'rp'))){
wp_redirect(wp_login_url(), 302);
exit;
}
}
}
function wwa_handle_lost_password_html_link($link){
if(wwa_get_option('password_reset') === 'admin' || wwa_get_option('password_reset') === 'all'){
return '<span id="wwa-lost-password-link-placeholder"></span>';
}
return $link;
}
function wwa_handle_password(){
if(wwa_get_option('password_reset') === 'admin' || wwa_get_option('password_reset') === 'all'){
if(wwa_get_option('password_reset') === 'admin'){
if(current_user_can('edit_users')){
return true;
}
}
return false;
}
return true;
}
if(wwa_get_option('password_reset') === 'admin' || wwa_get_option('password_reset') === 'all'){
add_action('login_init', 'wwa_disable_lost_password');
add_filter('lost_password_html_link', 'wwa_handle_lost_password_html_link');
add_filter('show_password_fields', 'wwa_handle_password');
add_filter('allow_password_reset', 'wwa_handle_password');
}
// Show a notice in admin pages
function wwa_no_authenticator_warning(){
$user_info = wp_get_current_user();
@ -235,7 +292,7 @@ function wwa_no_authenticator_warning(){
return;
}
if($first_choice !== 'webauthn' && get_the_author_meta('webauthn_only', $user_info->ID ) !== 'true'){
if($first_choice !== 'webauthn' && get_the_author_meta('webauthn_only', $user_info->ID) !== 'true'){
return;
}
@ -323,10 +380,22 @@ function wwa_check_ssl() {
// Check user privileges
function wwa_validate_privileges() {
$user = wp_get_current_user();
$allowed_roles = array( 'administrator' );
$allowed_roles = array('administrator');
if(array_intersect($allowed_roles, $user->roles)){
return true;
}
return false;
}
// Get user by username or email
function wwa_get_user($username) {
if(wwa_get_option('email_login') !== 'true'){
return get_user_by('login', $username);
}else{
if(is_email($username)){
return get_user_by('email', $username);
}
return get_user_by('login', $username);
}
}
?>
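Review bot: In `wwa_handle_user_register`, the `after_user_registration === 'login'` branch calls `wp_set_auth_cookie($user_id)` for an account created a moment earlier, so a session is issued before the registrant has shown control of the e-mail address they supplied. Together with the new `email_login` lookup in `wwa_get_user`, an authenticator bound in that session appears to become usable under an address nobody confirmed. I would state this on the option and above the branch, e.g. `// Signs the new account in before its e-mail address is confirmed; enable only where registration is already restricted.` The `exit` after the redirect presumably also stops any `register_new_user` callbacks queued after this one, which deserves a comment too.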