Version Description
- Google Authenticator-Two Factor Authentication (2FA) : Bug fix for DB error.
Download this release
Release Info
| Developer | cyberlord92 |
| Plugin |  Google Authenticator – WordPress Two Factor Authentication (2FA) |
| Version | 5.1.6 |
| Comparing to | |
| See all releases | |
Code changes from version 5.1.2 to 5.1.6
- class-customer-setup.php +3 -3
- class-miniorange-2-factor-login.php +40 -27
- class-miniorange-2-factor-pass2fa-login.php +250 -218
- class-miniorange-2-factor-user-registration.php +1 -1
- class-utility.php +143 -20
- database/database_functions.php +100 -2
- includes/css/bootstrap.min.css +7 -0
- includes/css/style_settings.css +13 -7
- miniorange_2_factor_common_login.php +34 -14
- miniorange_2_factor_configuration.php +3 -2
- miniorange_2_factor_mobile_configuration.php +75 -61
- miniorange_2_factor_settings.php +74 -75
- readme.txt +24 -1
- uninstall.php +8 -4
- views/configure_authy_authenticator +2 -2
- views/configure_google_authenticator +19 -117
- views/configure_otp_over_sms +3 -3
- views/customer_registration.php +4 -4
- views/feedback_form.php +22 -20
- views/test_2fa_notification.php +37 -0
class-customer-setup.php
CHANGED
|
@@ -96,7 +96,7 @@ class Customer_Setup {
|
|
| 96 |
$timestampHeader = "Timestamp: " . $currentTimeInMillis;
|
| 97 |
$authorizationHeader = "Authorization: " . $hashValue;
|
| 98 |
$fromEmail = $email;
|
| 99 |
-
$subject = "WordPress
|
| 100 |
|
| 101 |
global $user;
|
| 102 |
$user = wp_get_current_user();
|
|
@@ -115,7 +115,7 @@ class Customer_Setup {
|
|
| 115 |
$customer_feature = "V3";
|
| 116 |
}
|
| 117 |
|
| 118 |
-
$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.
|
| 119 |
|
| 120 |
$content = '<div >First Name :' . $user->user_firstname . '<br><br>Last Name :' . $user->user_lastname . ' <br><br>Company :<a href="' . $_SERVER['SERVER_NAME'] . '" target="_blank" >' . $_SERVER['SERVER_NAME'] . '</a><br><br>Phone Number :' . $phone . '<br><br>Email :<a href="mailto:' . $fromEmail . '" target="_blank">' . $fromEmail . '</a><br><br>Query :' . $query . '</div>';
|
| 121 |
|
|
@@ -616,7 +616,7 @@ class Customer_Setup {
|
|
| 616 |
$customer_feature = "V3";
|
| 617 |
}
|
| 618 |
|
| 619 |
-
$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.
|
| 620 |
$fields = array(
|
| 621 |
'firstName' => $user->user_firstname,
|
| 622 |
'lastName' => $user->user_lastname,
|
| 96 |
$timestampHeader = "Timestamp: " . $currentTimeInMillis;
|
| 97 |
$authorizationHeader = "Authorization: " . $hashValue;
|
| 98 |
$fromEmail = $email;
|
| 99 |
+
$subject = "WordPress 2FA Plugin Feedback - " . $email;
|
| 100 |
|
| 101 |
global $user;
|
| 102 |
$user = wp_get_current_user();
|
| 115 |
$customer_feature = "V3";
|
| 116 |
}
|
| 117 |
|
| 118 |
+
$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.6]: ' . $message;
|
| 119 |
|
| 120 |
$content = '<div >First Name :' . $user->user_firstname . '<br><br>Last Name :' . $user->user_lastname . ' <br><br>Company :<a href="' . $_SERVER['SERVER_NAME'] . '" target="_blank" >' . $_SERVER['SERVER_NAME'] . '</a><br><br>Phone Number :' . $phone . '<br><br>Email :<a href="mailto:' . $fromEmail . '" target="_blank">' . $fromEmail . '</a><br><br>Query :' . $query . '</div>';
|
| 121 |
|
| 616 |
$customer_feature = "V3";
|
| 617 |
}
|
| 618 |
|
| 619 |
+
$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.6]: ' . $query;
|
| 620 |
$fields = array(
|
| 621 |
'firstName' => $user->user_firstname,
|
| 622 |
'lastName' => $user->user_lastname,
|
class-miniorange-2-factor-login.php
CHANGED
|
@@ -34,6 +34,9 @@ class Miniorange_Mobile_Login {
|
|
| 34 |
return $currentuser;
|
| 35 |
} else {
|
| 36 |
$this->miniorange_login_start_session();
|
|
|
|
|
|
|
|
|
|
| 37 |
|
| 38 |
$current_roles = miniorange_get_user_role( $currentuser );
|
| 39 |
|
|
@@ -46,8 +49,7 @@ class Miniorange_Mobile_Login {
|
|
| 46 |
$mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
|
| 47 |
|
| 48 |
if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
|
| 49 |
-
$
|
| 50 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
|
| 51 |
$this->mo_auth_show_error_message();
|
| 52 |
$this->mo2f_redirectto_wp_login();
|
| 53 |
$error = new WP_Error();
|
|
@@ -55,12 +57,12 @@ class Miniorange_Mobile_Login {
|
|
| 55 |
return $error;
|
| 56 |
} else { //if user has not configured any 2nd factor method then logged him in without asking 2nd factor
|
| 57 |
|
| 58 |
-
$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to );
|
| 59 |
}
|
| 60 |
} else { //plugin is not activated for non-admin then logged him in
|
| 61 |
|
| 62 |
|
| 63 |
-
$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to );
|
| 64 |
|
| 65 |
}
|
| 66 |
}
|
|
@@ -77,28 +79,27 @@ class Miniorange_Mobile_Login {
|
|
| 77 |
add_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
|
| 78 |
|
| 79 |
}
|
|
|
|
|
|
|
| 80 |
|
| 81 |
function mo2f_redirectto_wp_login() {
|
|
|
|
|
|
|
|
|
|
| 82 |
remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
|
| 83 |
add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
|
| 84 |
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
|
| 85 |
-
$
|
| 86 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 87 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo_2factor_login_status", 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' );
|
| 88 |
-
|
| 89 |
} else {
|
| 90 |
-
$
|
| 91 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 92 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
|
| 93 |
-
|
| 94 |
}
|
| 95 |
}
|
| 96 |
|
| 97 |
-
function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null ) {
|
| 98 |
|
| 99 |
$user_id = $user->ID;
|
| 100 |
wp_set_current_user( $user_id, $user->user_login );
|
| 101 |
-
$this->remove_current_activity();
|
| 102 |
wp_set_auth_cookie( $user_id, true );
|
| 103 |
do_action( 'wp_login', $user->user_login, $user );
|
| 104 |
redirect_user_to( $user, $redirect_to );
|
|
@@ -106,14 +107,14 @@ class Miniorange_Mobile_Login {
|
|
| 106 |
|
| 107 |
}
|
| 108 |
|
| 109 |
-
function remove_current_activity() {
|
| 110 |
$session_variables = array(
|
| 111 |
'mo2f_current_user_id',
|
| 112 |
'mo2f_1stfactor_status',
|
| 113 |
'mo_2factor_login_status',
|
| 114 |
'mo2f-login-qrCode',
|
| 115 |
'mo2f_transactionId',
|
| 116 |
-
'
|
| 117 |
'mo2f_rba_status',
|
| 118 |
'mo_2_factor_kba_questions',
|
| 119 |
'mo2f_show_qr_code',
|
|
@@ -127,7 +128,7 @@ class Miniorange_Mobile_Login {
|
|
| 127 |
'mo_2factor_login_status',
|
| 128 |
'mo2f-login-qrCode',
|
| 129 |
'mo2f_transactionId',
|
| 130 |
-
'
|
| 131 |
'mo2f_rba_status_status',
|
| 132 |
'mo2f_rba_status_sessionUuid',
|
| 133 |
'mo2f_rba_status_decision_flag',
|
|
@@ -138,8 +139,20 @@ class Miniorange_Mobile_Login {
|
|
| 138 |
'mo2f_authy_keys'
|
| 139 |
);
|
| 140 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 141 |
MO2f_Utility::unset_session_variables( $session_variables );
|
| 142 |
MO2f_Utility::unset_cookie_variables( $cookie_variables );
|
|
|
|
| 143 |
}
|
| 144 |
|
| 145 |
function custom_login_enqueue_scripts() {
|
|
@@ -148,8 +161,8 @@ class Miniorange_Mobile_Login {
|
|
| 148 |
}
|
| 149 |
|
| 150 |
function mo_2_factor_hide_login() {
|
| 151 |
-
wp_register_style( 'hide-login', plugins_url( 'includes/css/hide-login.css?version=5.
|
| 152 |
-
wp_register_style( 'bootstrap', plugins_url( 'includes/css/bootstrap.min.css?version=5.
|
| 153 |
|
| 154 |
wp_enqueue_style( 'hide-login' );
|
| 155 |
wp_enqueue_style( 'bootstrap' );
|
|
@@ -157,19 +170,19 @@ class Miniorange_Mobile_Login {
|
|
| 157 |
}
|
| 158 |
|
| 159 |
function mo_auth_success_message() {
|
| 160 |
-
$message = $_SESSION['
|
| 161 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 162 |
-
$message = MO2f_Utility::
|
| 163 |
|
| 164 |
return "<div> <p class='message'>" . $message . "</p></div>";
|
| 165 |
}
|
| 166 |
|
| 167 |
function mo_auth_error_message() {
|
| 168 |
$id = "login_error1";
|
| 169 |
-
$message = $_SESSION['
|
| 170 |
|
| 171 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 172 |
-
$message = MO2f_Utility::
|
| 173 |
|
| 174 |
return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
|
| 175 |
}
|
|
@@ -184,7 +197,7 @@ class Miniorange_Mobile_Login {
|
|
| 184 |
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
|
| 185 |
|
| 186 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 187 |
-
$login_status_phone_enable = MO2f_Utility::
|
| 188 |
|
| 189 |
if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( $_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce' ) ) {
|
| 190 |
|
|
@@ -211,7 +224,7 @@ class Miniorange_Mobile_Login {
|
|
| 211 |
}
|
| 212 |
|
| 213 |
function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
|
| 214 |
-
wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.
|
| 215 |
wp_enqueue_style( 'show-login' );
|
| 216 |
}
|
| 217 |
|
|
@@ -233,9 +246,9 @@ class Miniorange_Mobile_Login {
|
|
| 233 |
|
| 234 |
function mo_2_factor_show_login() {
|
| 235 |
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
|
| 236 |
-
wp_register_style( 'show-login', plugins_url( 'includes/css/hide-login-form.css?version=5.
|
| 237 |
} else {
|
| 238 |
-
wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.
|
| 239 |
}
|
| 240 |
wp_enqueue_style( 'show-login' );
|
| 241 |
}
|
| 34 |
return $currentuser;
|
| 35 |
} else {
|
| 36 |
$this->miniorange_login_start_session();
|
| 37 |
+
|
| 38 |
+
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 39 |
+
$session_id=$pass2fa_login_session->create_session();
|
| 40 |
|
| 41 |
$current_roles = miniorange_get_user_role( $currentuser );
|
| 42 |
|
| 49 |
$mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
|
| 50 |
|
| 51 |
if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
|
| 52 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
|
|
|
|
| 53 |
$this->mo_auth_show_error_message();
|
| 54 |
$this->mo2f_redirectto_wp_login();
|
| 55 |
$error = new WP_Error();
|
| 57 |
return $error;
|
| 58 |
} else { //if user has not configured any 2nd factor method then logged him in without asking 2nd factor
|
| 59 |
|
| 60 |
+
$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
|
| 61 |
}
|
| 62 |
} else { //plugin is not activated for non-admin then logged him in
|
| 63 |
|
| 64 |
|
| 65 |
+
$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
|
| 66 |
|
| 67 |
}
|
| 68 |
}
|
| 79 |
add_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
|
| 80 |
|
| 81 |
}
|
| 82 |
+
|
| 83 |
+
|
| 84 |
|
| 85 |
function mo2f_redirectto_wp_login() {
|
| 86 |
+
global $Mo2fdbQueries;
|
| 87 |
+
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 88 |
+
$session_id=$pass2fa_login_session->create_session();
|
| 89 |
remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
|
| 90 |
add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
|
| 91 |
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
|
| 92 |
+
MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' );
|
|
|
|
|
|
|
|
|
|
| 93 |
} else {
|
| 94 |
+
MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
|
|
|
|
|
|
|
|
|
|
| 95 |
}
|
| 96 |
}
|
| 97 |
|
| 98 |
+
function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null, $session_id=null ) {
|
| 99 |
|
| 100 |
$user_id = $user->ID;
|
| 101 |
wp_set_current_user( $user_id, $user->user_login );
|
| 102 |
+
$this->remove_current_activity($session_id);
|
| 103 |
wp_set_auth_cookie( $user_id, true );
|
| 104 |
do_action( 'wp_login', $user->user_login, $user );
|
| 105 |
redirect_user_to( $user, $redirect_to );
|
| 107 |
|
| 108 |
}
|
| 109 |
|
| 110 |
+
function remove_current_activity($session_id) {
|
| 111 |
$session_variables = array(
|
| 112 |
'mo2f_current_user_id',
|
| 113 |
'mo2f_1stfactor_status',
|
| 114 |
'mo_2factor_login_status',
|
| 115 |
'mo2f-login-qrCode',
|
| 116 |
'mo2f_transactionId',
|
| 117 |
+
'mo2f_login_message',
|
| 118 |
'mo2f_rba_status',
|
| 119 |
'mo_2_factor_kba_questions',
|
| 120 |
'mo2f_show_qr_code',
|
| 128 |
'mo_2factor_login_status',
|
| 129 |
'mo2f-login-qrCode',
|
| 130 |
'mo2f_transactionId',
|
| 131 |
+
'mo2f_login_message',
|
| 132 |
'mo2f_rba_status_status',
|
| 133 |
'mo2f_rba_status_sessionUuid',
|
| 134 |
'mo2f_rba_status_decision_flag',
|
| 139 |
'mo2f_authy_keys'
|
| 140 |
);
|
| 141 |
|
| 142 |
+
$temp_table_variables = array(
|
| 143 |
+
'session_id',
|
| 144 |
+
'mo2f_current_user_id',
|
| 145 |
+
'mo2f_login_message',
|
| 146 |
+
'mo2f_1stfactor_status',
|
| 147 |
+
'mo2f_transactionId',
|
| 148 |
+
'mo_2_factor_kba_questions',
|
| 149 |
+
'mo2f_rba_status',
|
| 150 |
+
'ts_created'
|
| 151 |
+
);
|
| 152 |
+
|
| 153 |
MO2f_Utility::unset_session_variables( $session_variables );
|
| 154 |
MO2f_Utility::unset_cookie_variables( $cookie_variables );
|
| 155 |
+
MO2f_Utility::unset_temp_user_details_in_table( $temp_table_variables, $session_id, "destroy" );
|
| 156 |
}
|
| 157 |
|
| 158 |
function custom_login_enqueue_scripts() {
|
| 161 |
}
|
| 162 |
|
| 163 |
function mo_2_factor_hide_login() {
|
| 164 |
+
wp_register_style( 'hide-login', plugins_url( 'includes/css/hide-login.css?version=5.1.6', __FILE__ ) );
|
| 165 |
+
wp_register_style( 'bootstrap', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.6', __FILE__ ) );
|
| 166 |
|
| 167 |
wp_enqueue_style( 'hide-login' );
|
| 168 |
wp_enqueue_style( 'bootstrap' );
|
| 170 |
}
|
| 171 |
|
| 172 |
function mo_auth_success_message() {
|
| 173 |
+
$message = $_SESSION['mo2f_login_message'];
|
| 174 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 175 |
+
$message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' );
|
| 176 |
|
| 177 |
return "<div> <p class='message'>" . $message . "</p></div>";
|
| 178 |
}
|
| 179 |
|
| 180 |
function mo_auth_error_message() {
|
| 181 |
$id = "login_error1";
|
| 182 |
+
$message = $_SESSION['mo2f_login_message'];
|
| 183 |
|
| 184 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 185 |
+
$message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' );
|
| 186 |
|
| 187 |
return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
|
| 188 |
}
|
| 197 |
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
|
| 198 |
|
| 199 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 200 |
+
$login_status_phone_enable = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2factor_login_status' );
|
| 201 |
|
| 202 |
if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( $_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce' ) ) {
|
| 203 |
|
| 224 |
}
|
| 225 |
|
| 226 |
function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
|
| 227 |
+
wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.6', __FILE__ ) );
|
| 228 |
wp_enqueue_style( 'show-login' );
|
| 229 |
}
|
| 230 |
|
| 246 |
|
| 247 |
function mo_2_factor_show_login() {
|
| 248 |
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
|
| 249 |
+
wp_register_style( 'show-login', plugins_url( 'includes/css/hide-login-form.css?version=5.1.6', __FILE__ ) );
|
| 250 |
} else {
|
| 251 |
+
wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.6', __FILE__ ) );
|
| 252 |
}
|
| 253 |
wp_enqueue_style( 'show-login' );
|
| 254 |
}
|
class-miniorange-2-factor-pass2fa-login.php
CHANGED
|
@@ -35,24 +35,26 @@ class Miniorange_Password_2Factor_Login {
|
|
| 35 |
|
| 36 |
if ( isset( $_POST['miniorange_login_nonce'] ) ) {
|
| 37 |
$nonce = $_POST['miniorange_login_nonce'];
|
|
|
|
|
|
|
| 38 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-nonce' ) ) {
|
| 39 |
-
|
|
|
|
| 40 |
$error = new WP_Error();
|
| 41 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
| 42 |
|
| 43 |
return $error;
|
| 44 |
-
|
| 45 |
-
|
|
|
|
|
|
|
| 46 |
$mobile_login = new Miniorange_Mobile_Login();
|
| 47 |
//validation and sanitization
|
| 48 |
-
|
| 49 |
-
|
| 50 |
-
$_SESSION['mo2f-login-message'] = 'Please enter username to proceed';
|
| 51 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 52 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please enter username to proceed' );
|
| 53 |
-
|
| 54 |
-
$mobile_login->mo_auth_show_error_message();
|
| 55 |
|
|
|
|
|
|
|
| 56 |
return;
|
| 57 |
} else {
|
| 58 |
$username = sanitize_text_field( $_POST['mo2fa_username'] );
|
|
@@ -62,15 +64,10 @@ class Miniorange_Password_2Factor_Login {
|
|
| 62 |
if ( username_exists( $username ) ) { /*if username exists in wp site */
|
| 63 |
$user = new WP_User( $username );
|
| 64 |
|
| 65 |
-
$_SESSION['mo2f_current_user_id'] = $user->ID;
|
| 66 |
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
| 67 |
|
| 68 |
-
$
|
| 69 |
-
|
| 70 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 71 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f_current_user_id", $user->ID );
|
| 72 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f_1stfactor_status", 'VALIDATE_SUCCESS' );
|
| 73 |
-
|
| 74 |
|
| 75 |
$current_roles = miniorange_get_user_role( $user );
|
| 76 |
$enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
|
|
@@ -80,50 +77,41 @@ class Miniorange_Password_2Factor_Login {
|
|
| 80 |
if ( $enabled ) {
|
| 81 |
if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
| 82 |
if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
|
| 83 |
-
$this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to );
|
| 84 |
|
| 85 |
} else {
|
| 86 |
$mo2f_second_factor = mo2f_get_user_2ndfactor( $user );
|
| 87 |
if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
|
| 88 |
-
$this->mo2f_pass2login_mobile_verification( $user, $redirect_to );
|
| 89 |
} else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
|
| 90 |
-
$this->mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to );
|
| 91 |
} else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
| 92 |
|
| 93 |
-
$this->mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to );
|
| 94 |
|
| 95 |
} else if ( $mo2f_second_factor == 'KBA' ) {
|
| 96 |
|
| 97 |
-
$this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to );
|
| 98 |
} else {
|
| 99 |
-
$this->remove_current_activity();
|
| 100 |
-
$
|
| 101 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 102 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please try again or contact your admin.' );
|
| 103 |
$mobile_login->mo_auth_show_success_message();
|
| 104 |
}
|
| 105 |
}
|
| 106 |
} else {
|
| 107 |
|
| 108 |
-
$
|
| 109 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 110 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please login into your account using password.' );
|
| 111 |
-
|
| 112 |
$mobile_login->mo_auth_show_success_message();
|
| 113 |
$mobile_login->mo2f_redirectto_wp_login();
|
| 114 |
}
|
| 115 |
} else {
|
| 116 |
-
$
|
| 117 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 118 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please login into your account using password.' );
|
| 119 |
$mobile_login->mo_auth_show_success_message();
|
| 120 |
$mobile_login->mo2f_redirectto_wp_login();
|
| 121 |
}
|
| 122 |
} else {
|
| 123 |
-
$mobile_login->remove_current_activity();
|
| 124 |
-
$
|
| 125 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 126 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Invalid Username.' );
|
| 127 |
$mobile_login->mo_auth_show_error_message();
|
| 128 |
}
|
| 129 |
}
|
|
@@ -134,28 +122,30 @@ class Miniorange_Password_2Factor_Login {
|
|
| 134 |
if ( isset( $_POST['mo2f_trust_device_confirm_nonce'] ) ) { /*register device as rba profile */
|
| 135 |
$nonce = $_POST['mo2f_trust_device_confirm_nonce'];
|
| 136 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-confirm-nonce' ) ) {
|
| 137 |
-
|
| 138 |
-
|
| 139 |
-
|
|
|
|
| 140 |
|
| 141 |
-
|
| 142 |
-
|
| 143 |
-
|
| 144 |
-
|
|
|
|
| 145 |
|
| 146 |
-
|
| 147 |
-
|
| 148 |
|
| 149 |
-
|
| 150 |
|
| 151 |
|
| 152 |
-
|
| 153 |
-
|
| 154 |
-
|
| 155 |
-
|
| 156 |
-
|
| 157 |
|
| 158 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 159 |
}
|
| 160 |
}
|
| 161 |
|
|
@@ -168,8 +158,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 168 |
return $error;
|
| 169 |
} else {
|
| 170 |
$this->miniorange_pass2login_start_session();
|
|
|
|
| 171 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 172 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 173 |
}
|
| 174 |
}
|
| 175 |
|
|
@@ -182,6 +173,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 182 |
return $error;
|
| 183 |
} else {
|
| 184 |
$this->miniorange_pass2login_start_session();
|
|
|
|
| 185 |
$forgot_phone_enable = get_option( 'mo2f_enable_forgotphone' );
|
| 186 |
$forgot_phone_kba_enable = get_option( 'mo2f_enable_forgotphone_kba' );
|
| 187 |
$forgot_phone_email_enable = get_option( 'mo2f_enable_forgotphone_email' );
|
|
@@ -189,7 +181,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 189 |
$second_factor = isset( $_POST['mo2f_configured_2FA_method'] ) ? $_POST['mo2f_configured_2FA_method'] : 'KBA';
|
| 190 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 191 |
$user = unserialize( $_SESSION['mo2f_current_user'] );
|
| 192 |
-
$user_id = MO2f_Utility::
|
| 193 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 194 |
$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
|
| 195 |
|
|
@@ -202,9 +194,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 202 |
$mo2f_login_status = '';
|
| 203 |
|
| 204 |
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
| 205 |
-
$
|
| 206 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 207 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $content['txId'] );
|
| 208 |
|
| 209 |
$mo2fa_login_message = 'A one time passcode has been sent to <b>' . MO2f_Utility::mo2f_get_hidden_email( $email ) . '</b>. Please enter the OTP to verify your identity.';
|
| 210 |
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
|
|
@@ -212,14 +202,14 @@ class Miniorange_Password_2Factor_Login {
|
|
| 212 |
$mo2fa_login_message = 'Error occured while sending OTP over your regsitered email. Please try again.';
|
| 213 |
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
| 214 |
}
|
| 215 |
-
$this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to );
|
| 216 |
} else if ( $forgot_phone_enable && $forgot_phone_kba_enable ) {
|
| 217 |
if ( $kba_configuration_status ) {
|
| 218 |
-
$this->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
|
| 219 |
} else {
|
| 220 |
$mo2fa_login_message = 'Your KBA is not configured. Please choose other option to procedd further.';
|
| 221 |
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
| 222 |
-
$this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to );
|
| 223 |
}
|
| 224 |
}
|
| 225 |
}
|
|
@@ -234,11 +224,11 @@ class Miniorange_Password_2Factor_Login {
|
|
| 234 |
return $error;
|
| 235 |
} else {
|
| 236 |
$this->miniorange_pass2login_start_session();
|
| 237 |
-
|
| 238 |
-
$user_id = MO2f_Utility::
|
| 239 |
|
| 240 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 241 |
-
$this->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
|
| 242 |
}
|
| 243 |
}
|
| 244 |
|
|
@@ -252,8 +242,8 @@ class Miniorange_Password_2Factor_Login {
|
|
| 252 |
} else {
|
| 253 |
|
| 254 |
$this->miniorange_pass2login_start_session();
|
| 255 |
-
|
| 256 |
-
$user_id = MO2f_Utility::
|
| 257 |
|
| 258 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 259 |
|
|
@@ -261,10 +251,10 @@ class Miniorange_Password_2Factor_Login {
|
|
| 261 |
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_2'] ) ) {
|
| 262 |
$mo2fa_login_message = 'Please provide both the answers.';
|
| 263 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
| 264 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 265 |
}
|
| 266 |
$otpToken = array();
|
| 267 |
-
$kba_questions = MO2f_Utility::
|
| 268 |
|
| 269 |
$otpToken[0] = $kba_questions[0];
|
| 270 |
$otpToken[1] = sanitize_text_field( $_POST['mo2f_answer_1'] );
|
|
@@ -274,9 +264,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 274 |
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? $_POST['mo2f_trust_device'] : 'false';
|
| 275 |
|
| 276 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 277 |
-
$mo2f_login_transaction_id = MO2f_Utility::
|
| 278 |
|
| 279 |
-
$mo2f_rba_status = MO2f_Utility::
|
| 280 |
|
| 281 |
$kba_validate = new Customer_Setup();
|
| 282 |
$kba_validate_response = json_decode( $kba_validate->validate_otp_token( 'KBA', null, $mo2f_login_transaction_id, $otpToken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
|
@@ -289,18 +279,18 @@ class Miniorange_Password_2Factor_Login {
|
|
| 289 |
} catch ( Exception $e ) {
|
| 290 |
echo $e->getMessage();
|
| 291 |
}
|
| 292 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 293 |
} else {
|
| 294 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 295 |
}
|
| 296 |
} else {
|
| 297 |
|
| 298 |
$mo2fa_login_message = 'The answers you have provided are incorrect.';
|
| 299 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
| 300 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to
|
| 301 |
}
|
| 302 |
} else {
|
| 303 |
-
$this->remove_current_activity();
|
| 304 |
|
| 305 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
|
| 306 |
}
|
|
@@ -316,9 +306,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 316 |
return $error;
|
| 317 |
} else {
|
| 318 |
$this->miniorange_pass2login_start_session();
|
| 319 |
-
|
| 320 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 321 |
-
$mo2f_login_transaction_id = MO2f_Utility::
|
| 322 |
|
| 323 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 324 |
$checkMobileStatus = new Two_Factor_Setup();
|
|
@@ -328,17 +318,17 @@ class Miniorange_Password_2Factor_Login {
|
|
| 328 |
if ( $response['status'] == 'SUCCESS' ) {
|
| 329 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 330 |
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
| 331 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
|
| 332 |
} else {
|
| 333 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 334 |
}
|
| 335 |
} else {
|
| 336 |
-
$this->remove_current_activity();
|
| 337 |
|
| 338 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
|
| 339 |
}
|
| 340 |
} else {
|
| 341 |
-
$this->remove_current_activity();
|
| 342 |
|
| 343 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
|
| 344 |
}
|
|
@@ -354,7 +344,8 @@ class Miniorange_Password_2Factor_Login {
|
|
| 354 |
return $error;
|
| 355 |
} else {
|
| 356 |
$this->miniorange_pass2login_start_session();
|
| 357 |
-
|
|
|
|
| 358 |
}
|
| 359 |
}
|
| 360 |
|
|
@@ -367,19 +358,20 @@ class Miniorange_Password_2Factor_Login {
|
|
| 367 |
return $error;
|
| 368 |
} else {
|
| 369 |
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
|
|
|
|
| 370 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 371 |
$mo2fa_login_message = '';
|
| 372 |
|
| 373 |
$this->miniorange_pass2login_start_session();
|
| 374 |
$customer = new Customer_Setup();
|
| 375 |
-
$user_id = MO2f_Utility::
|
| 376 |
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 377 |
$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
|
| 378 |
|
| 379 |
if ( $kba_configuration_status ) {
|
| 380 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
| 381 |
$pass2fa_login = new Miniorange_Password_2Factor_Login();
|
| 382 |
-
$pass2fa_login->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
|
| 383 |
} else {
|
| 384 |
$hidden_user_email = MO2f_Utility::mo2f_get_hidden_email( $user_email );
|
| 385 |
$content = json_decode( $customer->send_otp_token( $user_email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
|
@@ -391,24 +383,22 @@ class Miniorange_Password_2Factor_Login {
|
|
| 391 |
|
| 392 |
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
| 393 |
MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
|
| 394 |
-
|
| 395 |
-
$_SESSION['mo2f-login-message'] = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
|
| 396 |
-
$_SESSION['mo2f_transactionId'] = $content['txId'];
|
| 397 |
|
| 398 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 399 |
-
MO2f_Utility::
|
| 400 |
-
MO2f_Utility::
|
| 401 |
|
| 402 |
$mo2fa_login_message = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
|
| 403 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
|
| 404 |
} else {
|
| 405 |
$mo2fa_login_message = 'Error occurred while sending OTP over email. Please try again.';
|
| 406 |
}
|
| 407 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 408 |
}
|
| 409 |
$pass2fa_login = new Miniorange_Password_2Factor_Login();
|
| 410 |
|
| 411 |
-
$pass2fa_login->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 412 |
}
|
| 413 |
}
|
| 414 |
|
|
@@ -421,16 +411,17 @@ class Miniorange_Password_2Factor_Login {
|
|
| 421 |
return $error;
|
| 422 |
} else {
|
| 423 |
$this->miniorange_pass2login_start_session();
|
| 424 |
-
|
| 425 |
$session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
|
| 426 |
|
| 427 |
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
| 428 |
MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
|
|
|
|
| 429 |
|
| 430 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 431 |
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
| 432 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
| 433 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 434 |
}
|
| 435 |
}
|
| 436 |
|
|
@@ -444,21 +435,22 @@ class Miniorange_Password_2Factor_Login {
|
|
| 444 |
return $error;
|
| 445 |
} else {
|
| 446 |
$this->miniorange_pass2login_start_session();
|
|
|
|
| 447 |
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
|
| 448 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 449 |
$softtoken = '';
|
| 450 |
if ( MO2f_utility::mo2f_check_empty_or_null( $_POST['mo2fa_softtoken'] ) ) {
|
| 451 |
$mo2fa_login_message = 'Please enter OTP to proceed.';
|
| 452 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 453 |
} else {
|
| 454 |
$softtoken = sanitize_text_field( $_POST['mo2fa_softtoken'] );
|
| 455 |
if ( ! MO2f_utility::mo2f_check_number_length( $softtoken ) ) {
|
| 456 |
$mo2fa_login_message = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
|
| 457 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 458 |
}
|
| 459 |
}
|
| 460 |
|
| 461 |
-
$user_id = MO2f_Utility::
|
| 462 |
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 463 |
|
| 464 |
if ( isset( $user_id ) ) {
|
|
@@ -466,7 +458,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 466 |
$customer = new Customer_Setup();
|
| 467 |
$content = '';
|
| 468 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 469 |
-
$mo2f_login_transaction_id = MO2f_Utility::
|
| 470 |
|
| 471 |
if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) {
|
| 472 |
$content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
|
@@ -479,7 +471,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 479 |
} else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION' ) {
|
| 480 |
$content = json_decode( $customer->validate_otp_token( 'GOOGLE AUTHENTICATOR', $user_email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
| 481 |
} else {
|
| 482 |
-
$this->remove_current_activity();
|
| 483 |
|
| 484 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Invalid Request. Please try again.' ) );
|
| 485 |
}
|
|
@@ -488,18 +480,18 @@ class Miniorange_Password_2Factor_Login {
|
|
| 488 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 489 |
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
| 490 |
|
| 491 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
|
| 492 |
} else {
|
| 493 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 494 |
}
|
| 495 |
} else {
|
| 496 |
|
| 497 |
$message = $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'You have entered an invalid OTP.<br>Please click on <b>Sync Time</b> in the miniOrange Authenticator app to sync your phone time with the miniOrange servers and try again.' : 'Invalid OTP. Please try again.';
|
| 498 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to );
|
| 499 |
}
|
| 500 |
|
| 501 |
} else {
|
| 502 |
-
$this->remove_current_activity();
|
| 503 |
|
| 504 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
|
| 505 |
}
|
|
@@ -515,8 +507,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 515 |
return $error;
|
| 516 |
} else {
|
| 517 |
$this->miniorange_pass2login_start_session();
|
| 518 |
-
|
| 519 |
-
$
|
|
|
|
| 520 |
}
|
| 521 |
}
|
| 522 |
|
|
@@ -530,18 +523,19 @@ class Miniorange_Password_2Factor_Login {
|
|
| 530 |
} else {
|
| 531 |
$this->miniorange_pass2login_start_session();
|
| 532 |
|
| 533 |
-
$user_id = MO2f_Utility::
|
| 534 |
$currentuser = get_user_by( 'id', $user_id );
|
| 535 |
|
| 536 |
|
| 537 |
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
| 538 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 539 |
-
$
|
|
|
|
| 540 |
}
|
| 541 |
}
|
| 542 |
}
|
| 543 |
|
| 544 |
-
function remove_current_activity() {
|
| 545 |
|
| 546 |
$session_variables = array(
|
| 547 |
'mo2f_current_user_id',
|
|
@@ -549,7 +543,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 549 |
'mo_2factor_login_status',
|
| 550 |
'mo2f-login-qrCode',
|
| 551 |
'mo2f_transactionId',
|
| 552 |
-
'
|
| 553 |
'mo2f_rba_status',
|
| 554 |
'mo_2_factor_kba_questions',
|
| 555 |
'mo2f_show_qr_code',
|
|
@@ -563,7 +557,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 563 |
'mo_2factor_login_status',
|
| 564 |
'mo2f-login-qrCode',
|
| 565 |
'mo2f_transactionId',
|
| 566 |
-
'
|
| 567 |
'mo2f_rba_status_status',
|
| 568 |
'mo2f_rba_status_sessionUuid',
|
| 569 |
'mo2f_rba_status_decision_flag',
|
|
@@ -574,8 +568,20 @@ class Miniorange_Password_2Factor_Login {
|
|
| 574 |
'mo2f_authy_keys'
|
| 575 |
);
|
| 576 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 577 |
MO2f_Utility::unset_session_variables( $session_variables );
|
| 578 |
MO2f_Utility::unset_cookie_variables( $cookie_variables );
|
|
|
|
| 579 |
|
| 580 |
|
| 581 |
}
|
|
@@ -586,40 +592,39 @@ class Miniorange_Password_2Factor_Login {
|
|
| 586 |
}
|
| 587 |
}
|
| 588 |
|
| 589 |
-
function mo2f_pass2login_kba_verification( $user_id, $redirect_to ) {
|
| 590 |
global $Mo2fdbQueries;
|
| 591 |
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 592 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 593 |
$challengeKba = new Customer_Setup();
|
| 594 |
$content = $challengeKba->send_otp_token( $user_email, 'KBA', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
| 595 |
$response = json_decode( $content, true );
|
| 596 |
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
| 597 |
if ( $response['status'] == 'SUCCESS' ) {
|
| 598 |
-
|
| 599 |
-
|
| 600 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
|
| 601 |
$questions = array();
|
| 602 |
$questions[0] = $response['questions'][0]['question'];
|
| 603 |
$questions[1] = $response['questions'][1]['question'];
|
| 604 |
-
$_SESSION['mo_2_factor_kba_questions'] = $questions;
|
| 605 |
-
|
| 606 |
|
| 607 |
-
|
| 608 |
-
MO2f_Utility::mo2f_set_cookie_values( 'kba_question1', $questions[0] );
|
| 609 |
-
MO2f_Utility::mo2f_set_cookie_values( 'kba_question2', $questions[1] );
|
| 610 |
|
| 611 |
$mo2fa_login_message = 'Please answer the following questions:';
|
| 612 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
| 613 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 614 |
} else if ( $response['status'] == 'ERROR' ) {
|
| 615 |
-
$this->remove_current_activity();
|
| 616 |
$error = new WP_Error();
|
| 617 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 618 |
|
| 619 |
return $error;
|
| 620 |
}
|
| 621 |
} else {
|
| 622 |
-
$this->remove_current_activity();
|
| 623 |
$error = new WP_Error();
|
| 624 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 625 |
|
|
@@ -627,24 +632,25 @@ class Miniorange_Password_2Factor_Login {
|
|
| 627 |
}
|
| 628 |
}
|
| 629 |
|
| 630 |
-
function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null ) {
|
| 631 |
|
| 632 |
$login_status = $mo2fa_login_status;
|
| 633 |
$login_message = $mo2fa_login_message;
|
| 634 |
|
| 635 |
-
$user_id = MO2f_Utility::
|
|
|
|
| 636 |
|
| 637 |
if ( $this->miniorange_pass2login_check_mobile_status( $login_status ) ) { //for mobile
|
| 638 |
-
mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode );
|
| 639 |
exit;
|
| 640 |
} else if ( $this->miniorange_pass2login_check_otp_status( $login_status ) ) { //for soft-token,otp over email,sms,phone verification,google auth
|
| 641 |
-
mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to );
|
| 642 |
exit;
|
| 643 |
} else if ( $this->miniorange_pass2login_check_forgotphone_status( $login_status ) ) { // forgot phone page if both KBA and Email are configured.
|
| 644 |
-
mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to );
|
| 645 |
exit;
|
| 646 |
} else if ( $this->miniorange_pass2login_check_push_oobemail_status( $login_status ) ) { //for push and out of band email.
|
| 647 |
-
mo2f_get_push_notification_oobemail_prompt( $user_id, $login_status, $login_message, $redirect_to );
|
| 648 |
exit;
|
| 649 |
} else if ( $this->miniorange_pass2login_reconfig_google( $login_status ) ) { //MO_2_FACTOR_RECONFIG_GOOGLE
|
| 650 |
// shortcode
|
|
@@ -654,10 +660,10 @@ class Miniorange_Password_2Factor_Login {
|
|
| 654 |
$this->mo2f_redirect_shortcode_addon( $user_id, $login_status, $login_message, 'reconfigure_kba' );
|
| 655 |
exit;
|
| 656 |
} else if ( $this->miniorange_pass2login_check_kba_status( $login_status ) ) { // for Kba
|
| 657 |
-
mo2f_get_kba_authentication_prompt( $login_message, $redirect_to );
|
| 658 |
exit;
|
| 659 |
} else if ( $this->miniorange_pass2login_check_trusted_device_status( $login_status ) ) { // trusted device
|
| 660 |
-
mo2f_get_device_form( $redirect_to );
|
| 661 |
exit;
|
| 662 |
} else { //show login screen
|
| 663 |
$this->mo_2_factor_pass2login_show_wp_login_form();
|
|
@@ -737,9 +743,21 @@ class Miniorange_Password_2Factor_Login {
|
|
| 737 |
}
|
| 738 |
|
| 739 |
function mo_2_factor_pass2login_show_wp_login_form() {
|
| 740 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 741 |
<p><input type="hidden" name="miniorange_login_nonce"
|
| 742 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 743 |
|
| 744 |
<?php
|
| 745 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
|
@@ -762,9 +780,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 762 |
if( get_option('mo2f_enable_2fa_prompt_on_login_page') && ! $is_nc_with_unlimited_users &&
|
| 763 |
in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
|
| 764 |
echo "\t<p>\n";
|
| 765 |
-
echo "\t\t<label title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";
|
| 766 |
-
echo "\t\t<input type=\"text\" name=\"mo_softtoken\" id=\"
|
| 767 |
-
echo "\t<p style='color:red; font-size:12px;padding:5px'>* Skip the authentication code if it doesn't apply.</p>\n";
|
| 768 |
echo "\t</p>\n";
|
| 769 |
echo " \r\n";
|
| 770 |
echo " \r\n";
|
|
@@ -774,8 +792,12 @@ class Miniorange_Password_2Factor_Login {
|
|
| 774 |
|
| 775 |
}
|
| 776 |
|
| 777 |
-
function mo2f_pass2login_mobile_verification( $user, $redirect_to )
|
| 778 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 779 |
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 780 |
|
| 781 |
$useragent = $_SERVER['HTTP_USER_AGENT'];
|
|
@@ -783,37 +805,34 @@ class Miniorange_Password_2Factor_Login {
|
|
| 783 |
$session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
|
| 784 |
|
| 785 |
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
| 786 |
-
MO2f_Utility::unset_cookie_variables( $session_cookie_variables
|
|
|
|
| 787 |
|
| 788 |
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
| 789 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
| 790 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 791 |
} else {
|
| 792 |
$challengeMobile = new Customer_Setup();
|
| 793 |
$content = $challengeMobile->send_otp_token( $user_email, 'MOBILE AUTHENTICATION', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
| 794 |
$response = json_decode( $content, true );
|
| 795 |
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
| 796 |
if ( $response['status'] == 'SUCCESS' ) {
|
| 797 |
-
//$_SESSION['mo2f-login-qrCode'] = $response['qrCode'];
|
| 798 |
-
$_SESSION['mo2f_transactionId'] = $response['txId'];
|
| 799 |
|
| 800 |
$qrCode = $response['qrCode'];
|
| 801 |
-
|
| 802 |
-
//MO2f_Utility::mo2f_set_cookie_values( 'mo2f-login-qrCode', $response['qrCode'] );
|
| 803 |
-
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_transactionId', $response['txId'] );
|
| 804 |
|
| 805 |
$mo2fa_login_message = '';
|
| 806 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION';
|
| 807 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, $qrCode );
|
| 808 |
} else if ( $response['status'] == 'ERROR' ) {
|
| 809 |
-
$this->remove_current_activity();
|
| 810 |
$error = new WP_Error();
|
| 811 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 812 |
|
| 813 |
return $error;
|
| 814 |
}
|
| 815 |
} else {
|
| 816 |
-
$this->remove_current_activity();
|
| 817 |
$error = new WP_Error();
|
| 818 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 819 |
|
|
@@ -823,34 +842,32 @@ class Miniorange_Password_2Factor_Login {
|
|
| 823 |
|
| 824 |
}
|
| 825 |
|
| 826 |
-
function mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to ) {
|
| 827 |
-
|
| 828 |
-
|
|
|
|
|
|
|
|
|
|
| 829 |
|
| 830 |
-
|
| 831 |
$content = $challengeMobile->send_otp_token( $user_email, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
| 832 |
$response = json_decode( $content, true );
|
| 833 |
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
| 834 |
if ( $response['status'] == 'SUCCESS' ) {
|
| 835 |
-
$
|
| 836 |
-
|
| 837 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 838 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
|
| 839 |
|
| 840 |
$mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'A Push Notification has been sent to your phone. We are waiting for your approval.' : 'An email has been sent to ' . MO2f_Utility::mo2f_get_hidden_email( $user_email ) . '. We are waiting for your approval.';
|
| 841 |
$mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
|
| 842 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to
|
| 843 |
} else if ( $response['status'] == 'ERROR' || $response['status'] == 'FAILED' ) {
|
| 844 |
-
$
|
| 845 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 846 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
|
| 847 |
|
| 848 |
$mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'An error occured while sending push notification to your app. You can click on <b>Phone is Offline</b> button to enter soft token from app or <b>Forgot your phone</b> button to receive OTP to your registered email.' : 'An error occured while sending email. Please try again.';
|
| 849 |
$mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
|
| 850 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 851 |
}
|
| 852 |
} else {
|
| 853 |
-
$this->remove_current_activity();
|
| 854 |
$error = new WP_Error();
|
| 855 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 856 |
|
|
@@ -858,19 +875,23 @@ class Miniorange_Password_2Factor_Login {
|
|
| 858 |
}
|
| 859 |
}
|
| 860 |
|
| 861 |
-
function mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to ) {
|
| 862 |
global $Mo2fdbQueries;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 863 |
$mo2f_external_app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
|
| 864 |
$mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
| 865 |
|
| 866 |
if ( $mo2f_second_factor == 'SOFT TOKEN' ) {
|
| 867 |
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
| 868 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
| 869 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 870 |
} else if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
| 871 |
$mo2fa_login_message = $mo2f_external_app_type == 'Authy Authenticator' ? 'Please enter the one time passcode shown in the <b>Authy Authenticator</b> app.' : 'Please enter the one time passcode shown in the <b>Google Authenticator</b> app.';
|
| 872 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION';
|
| 873 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 874 |
} else {
|
| 875 |
$challengeMobile = new Customer_Setup();
|
| 876 |
$content = $challengeMobile->send_otp_token( $mo2f_user_phone, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
|
@@ -880,26 +901,22 @@ class Miniorange_Password_2Factor_Login {
|
|
| 880 |
$message = 'The OTP has been sent to ' . MO2f_Utility::get_hidden_phone( $response['phoneDelivery']['contact'] ) . '. Please enter the OTP you received to Validate.';
|
| 881 |
update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
|
| 882 |
|
| 883 |
-
$
|
| 884 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 885 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
|
| 886 |
|
| 887 |
$mo2fa_login_message = $message;
|
| 888 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
|
| 889 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 890 |
} else {
|
| 891 |
$message = $response['message'] . ' You can click on <b>Forgot your phone</b> link to login via alternate method.';
|
| 892 |
|
| 893 |
-
$
|
| 894 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 895 |
-
MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
|
| 896 |
|
| 897 |
$mo2fa_login_message = $message;
|
| 898 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
|
| 899 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
|
| 900 |
}
|
| 901 |
} else {
|
| 902 |
-
$this->remove_current_activity();
|
| 903 |
$error = new WP_Error();
|
| 904 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 905 |
|
|
@@ -908,36 +925,45 @@ class Miniorange_Password_2Factor_Login {
|
|
| 908 |
}
|
| 909 |
}
|
| 910 |
|
| 911 |
-
function mo2fa_pass2login( $redirect_to = null ) {
|
| 912 |
|
| 913 |
-
$user_id = MO2f_Utility::
|
| 914 |
-
$mo2f_1stfactor_status = MO2f_Utility::
|
| 915 |
|
| 916 |
if ( $user_id && $mo2f_1stfactor_status && ( $mo2f_1stfactor_status == 'VALIDATE_SUCCESS' ) ) {
|
| 917 |
|
| 918 |
$currentuser = get_user_by( 'id', $user_id );
|
| 919 |
|
| 920 |
wp_set_current_user( $user_id, $currentuser->user_login );
|
| 921 |
-
$this->remove_current_activity();
|
| 922 |
wp_set_auth_cookie( $user_id, true );
|
| 923 |
do_action( 'wp_login', $currentuser->user_login, $currentuser );
|
| 924 |
redirect_user_to( $currentuser, $redirect_to );
|
| 925 |
exit;
|
| 926 |
} else {
|
| 927 |
-
$this->remove_current_activity();
|
| 928 |
}
|
| 929 |
}
|
| 930 |
|
| 931 |
-
function
|
| 932 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 933 |
|
| 934 |
-
|
| 935 |
-
|
| 936 |
-
|
|
|
|
|
|
|
|
|
|
| 937 |
|
| 938 |
-
|
| 939 |
-
MO2f_Utility::
|
| 940 |
-
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
|
| 941 |
|
| 942 |
$is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $currentuser->ID ? true : false;
|
| 943 |
$is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
|
|
@@ -953,18 +979,15 @@ class Miniorange_Password_2Factor_Login {
|
|
| 953 |
if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
|
| 954 |
try {
|
| 955 |
$mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
|
| 956 |
-
$
|
| 957 |
-
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_status', $mo2f_rba_status["status"] );
|
| 958 |
-
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_sessionUuid', $mo2f_rba_status["sessionUuid"] );
|
| 959 |
-
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_decision_flag', $mo2f_rba_status["decision_flag"] );
|
| 960 |
-
|
| 961 |
} catch ( Exception $e ) {
|
| 962 |
echo $e->getMessage();
|
| 963 |
}
|
| 964 |
|
| 965 |
if ( $mo2f_rba_status['status'] == 'SUCCESS' && $mo2f_rba_status['decision_flag'] ) {
|
| 966 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 967 |
} else if ( ($mo2f_rba_status['status'] == 'DENY' ) && get_option( 'mo2f_rba_installed' ) ) {
|
|
|
|
| 968 |
$this->mo2f_restrict_access( 'Access_denied' );
|
| 969 |
exit;
|
| 970 |
} else if ( ($mo2f_rba_status['status'] == 'ERROR') && get_option( 'mo2f_rba_installed' ) ) {
|
|
@@ -976,30 +999,29 @@ class Miniorange_Password_2Factor_Login {
|
|
| 976 |
|
| 977 |
if(!$is_nc_with_unlimited_users && get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device')&&
|
| 978 |
in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
|
| 979 |
-
|
| 980 |
-
|
| 981 |
-
|
| 982 |
-
|
| 983 |
-
|
| 984 |
-
|
| 985 |
-
|
| 986 |
-
|
| 987 |
if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
|
| 988 |
-
$this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
|
| 989 |
} else {
|
| 990 |
-
|
| 991 |
if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
|
| 992 |
-
$this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to );
|
| 993 |
} else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
|
| 994 |
-
$this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to );
|
| 995 |
} else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
| 996 |
-
$this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to );
|
| 997 |
} else if ( $mo2f_second_factor == 'KBA' ) {
|
| 998 |
-
$this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
|
| 999 |
} else if ( $mo2f_second_factor == 'NONE' ) {
|
| 1000 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 1001 |
} else {
|
| 1002 |
-
$this->remove_current_activity();
|
| 1003 |
$error = new WP_Error();
|
| 1004 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Two Factor method has not been configured.' ) );
|
| 1005 |
|
|
@@ -1010,16 +1032,16 @@ class Miniorange_Password_2Factor_Login {
|
|
| 1010 |
|
| 1011 |
}
|
| 1012 |
} else {
|
| 1013 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 1014 |
}
|
| 1015 |
|
| 1016 |
} else { //plugin is not activated for current role then logged him in without asking 2 factor
|
| 1017 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 1018 |
}
|
| 1019 |
|
| 1020 |
}
|
| 1021 |
|
| 1022 |
-
function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken){
|
| 1023 |
global $Mo2fdbQueries;
|
| 1024 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
|
| 1025 |
$customer = new Customer_Setup();
|
|
@@ -1027,9 +1049,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 1027 |
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
| 1028 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 1029 |
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
| 1030 |
-
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
|
| 1031 |
} else {
|
| 1032 |
-
$this->mo2fa_pass2login( $redirect_to );
|
| 1033 |
}
|
| 1034 |
} else {
|
| 1035 |
return new WP_Error( 'invalid_one_time_passcode', '<strong>ERROR</strong>: Invalid One Time Passcode.');
|
|
@@ -1042,14 +1064,14 @@ class Miniorange_Password_2Factor_Login {
|
|
| 1042 |
}
|
| 1043 |
|
| 1044 |
function mo2f_collect_device_attributes_for_authenticated_user( $currentuser, $redirect_to = null ) {
|
|
|
|
| 1045 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 1046 |
$this->miniorange_pass2login_start_session();
|
| 1047 |
-
$_SESSION['mo2f_current_user_id'] = $currentuser->ID;
|
| 1048 |
|
| 1049 |
-
|
| 1050 |
-
MO2f_Utility::
|
| 1051 |
|
| 1052 |
-
mo2f_collect_device_attributes_handler( $redirect_to );
|
| 1053 |
exit;
|
| 1054 |
} else {
|
| 1055 |
$this->miniorange_initiate_2nd_factor( $currentuser, null, $redirect_to );
|
|
@@ -1060,6 +1082,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 1060 |
if ( is_a( $user, 'WP_Error' ) && ! empty( $user ) ) {
|
| 1061 |
return $user;
|
| 1062 |
}
|
|
|
|
| 1063 |
|
| 1064 |
// if an app password is enabled, this is an XMLRPC / APP login ?
|
| 1065 |
if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
|
|
@@ -1091,10 +1114,19 @@ class Miniorange_Password_2Factor_Login {
|
|
| 1091 |
}
|
| 1092 |
|
| 1093 |
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
|
|
|
|
|
|
| 1094 |
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
| 1095 |
-
|
| 1096 |
-
|
| 1097 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1098 |
return $error;
|
| 1099 |
}
|
| 1100 |
|
| 35 |
|
| 36 |
if ( isset( $_POST['miniorange_login_nonce'] ) ) {
|
| 37 |
$nonce = $_POST['miniorange_login_nonce'];
|
| 38 |
+
$session_id = $this->create_session();
|
| 39 |
+
|
| 40 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-nonce' ) ) {
|
| 41 |
+
|
| 42 |
+
$this->remove_current_activity($session_id);
|
| 43 |
$error = new WP_Error();
|
| 44 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
| 45 |
|
| 46 |
return $error;
|
| 47 |
+
} else {
|
| 48 |
+
|
| 49 |
+
$this->miniorange_pass2login_start_session();
|
| 50 |
+
|
| 51 |
$mobile_login = new Miniorange_Mobile_Login();
|
| 52 |
//validation and sanitization
|
| 53 |
+
$username = '';
|
| 54 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2fa_username'] ) ) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 55 |
|
| 56 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please enter username to proceed' );
|
| 57 |
+
$mobile_login->mo_auth_show_error_message();
|
| 58 |
return;
|
| 59 |
} else {
|
| 60 |
$username = sanitize_text_field( $_POST['mo2fa_username'] );
|
| 64 |
if ( username_exists( $username ) ) { /*if username exists in wp site */
|
| 65 |
$user = new WP_User( $username );
|
| 66 |
|
|
|
|
| 67 |
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
| 68 |
|
| 69 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_current_user_id', $user->ID );
|
| 70 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
|
|
|
|
|
|
|
|
|
|
|
|
|
| 71 |
|
| 72 |
$current_roles = miniorange_get_user_role( $user );
|
| 73 |
$enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
|
| 77 |
if ( $enabled ) {
|
| 78 |
if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
| 79 |
if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
|
| 80 |
+
$this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to, $session_id );
|
| 81 |
|
| 82 |
} else {
|
| 83 |
$mo2f_second_factor = mo2f_get_user_2ndfactor( $user );
|
| 84 |
if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
|
| 85 |
+
$this->mo2f_pass2login_mobile_verification( $user, $redirect_to, $session_id );
|
| 86 |
} else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
|
| 87 |
+
$this->mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
|
| 88 |
} else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
| 89 |
|
| 90 |
+
$this->mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
|
| 91 |
|
| 92 |
} else if ( $mo2f_second_factor == 'KBA' ) {
|
| 93 |
|
| 94 |
+
$this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to, $session_id );
|
| 95 |
} else {
|
| 96 |
+
$this->remove_current_activity($session_id);
|
| 97 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please try again or contact your admin.' );
|
|
|
|
|
|
|
| 98 |
$mobile_login->mo_auth_show_success_message();
|
| 99 |
}
|
| 100 |
}
|
| 101 |
} else {
|
| 102 |
|
| 103 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please login into your account using password.' );
|
|
|
|
|
|
|
|
|
|
| 104 |
$mobile_login->mo_auth_show_success_message();
|
| 105 |
$mobile_login->mo2f_redirectto_wp_login();
|
| 106 |
}
|
| 107 |
} else {
|
| 108 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", 'Please login into your account using password.' );
|
|
|
|
|
|
|
| 109 |
$mobile_login->mo_auth_show_success_message();
|
| 110 |
$mobile_login->mo2f_redirectto_wp_login();
|
| 111 |
}
|
| 112 |
} else {
|
| 113 |
+
$mobile_login->remove_current_activity($session_id);
|
| 114 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", 'Invalid Username.' );
|
|
|
|
|
|
|
| 115 |
$mobile_login->mo_auth_show_error_message();
|
| 116 |
}
|
| 117 |
}
|
| 122 |
if ( isset( $_POST['mo2f_trust_device_confirm_nonce'] ) ) { /*register device as rba profile */
|
| 123 |
$nonce = $_POST['mo2f_trust_device_confirm_nonce'];
|
| 124 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-confirm-nonce' ) ) {
|
| 125 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 126 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 127 |
+
$error = new WP_Error();
|
| 128 |
+
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR ' ) . '</strong>:' . mo2f_lt( 'Invalid Request.' ) );
|
| 129 |
|
| 130 |
+
return $error;
|
| 131 |
+
} else {
|
| 132 |
+
$this->miniorange_pass2login_start_session();
|
| 133 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 134 |
+
try {
|
| 135 |
|
| 136 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id', $session_id_encrypt );
|
| 137 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 138 |
|
| 139 |
+
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
| 140 |
|
| 141 |
|
| 142 |
+
mo2f_register_profile( $email, 'true', $mo2f_rba_status );
|
| 143 |
+
} catch ( Exception $e ) {
|
| 144 |
+
echo $e->getMessage();
|
| 145 |
+
}
|
| 146 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 147 |
|
| 148 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 149 |
}
|
| 150 |
}
|
| 151 |
|
| 158 |
return $error;
|
| 159 |
} else {
|
| 160 |
$this->miniorange_pass2login_start_session();
|
| 161 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 162 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 163 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 164 |
}
|
| 165 |
}
|
| 166 |
|
| 173 |
return $error;
|
| 174 |
} else {
|
| 175 |
$this->miniorange_pass2login_start_session();
|
| 176 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 177 |
$forgot_phone_enable = get_option( 'mo2f_enable_forgotphone' );
|
| 178 |
$forgot_phone_kba_enable = get_option( 'mo2f_enable_forgotphone_kba' );
|
| 179 |
$forgot_phone_email_enable = get_option( 'mo2f_enable_forgotphone_email' );
|
| 181 |
$second_factor = isset( $_POST['mo2f_configured_2FA_method'] ) ? $_POST['mo2f_configured_2FA_method'] : 'KBA';
|
| 182 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 183 |
$user = unserialize( $_SESSION['mo2f_current_user'] );
|
| 184 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id', $session_id_encrypt );
|
| 185 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 186 |
$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
|
| 187 |
|
| 194 |
$mo2f_login_status = '';
|
| 195 |
|
| 196 |
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
| 197 |
+
MO2f_Utility::set_user_values( $session_id_encrypt, "mo2f_transactionId", $content['txId'] );
|
|
|
|
|
|
|
| 198 |
|
| 199 |
$mo2fa_login_message = 'A one time passcode has been sent to <b>' . MO2f_Utility::mo2f_get_hidden_email( $email ) . '</b>. Please enter the OTP to verify your identity.';
|
| 200 |
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
|
| 202 |
$mo2fa_login_message = 'Error occured while sending OTP over your regsitered email. Please try again.';
|
| 203 |
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
| 204 |
}
|
| 205 |
+
$this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 206 |
} else if ( $forgot_phone_enable && $forgot_phone_kba_enable ) {
|
| 207 |
if ( $kba_configuration_status ) {
|
| 208 |
+
$this->mo2f_pass2login_kba_verification( $user_id, $redirect_to, $session_id_encrypt );
|
| 209 |
} else {
|
| 210 |
$mo2fa_login_message = 'Your KBA is not configured. Please choose other option to procedd further.';
|
| 211 |
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
| 212 |
+
$this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to, null,$session_id_encrypt );
|
| 213 |
}
|
| 214 |
}
|
| 215 |
}
|
| 224 |
return $error;
|
| 225 |
} else {
|
| 226 |
$this->miniorange_pass2login_start_session();
|
| 227 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 228 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 229 |
|
| 230 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 231 |
+
$this->mo2f_pass2login_kba_verification( $user_id, $redirect_to,$session_id_encrypt );
|
| 232 |
}
|
| 233 |
}
|
| 234 |
|
| 242 |
} else {
|
| 243 |
|
| 244 |
$this->miniorange_pass2login_start_session();
|
| 245 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 246 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 247 |
|
| 248 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 249 |
|
| 251 |
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_2'] ) ) {
|
| 252 |
$mo2fa_login_message = 'Please provide both the answers.';
|
| 253 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
| 254 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 255 |
}
|
| 256 |
$otpToken = array();
|
| 257 |
+
$kba_questions = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2_factor_kba_questions',$session_id_encrypt );
|
| 258 |
|
| 259 |
$otpToken[0] = $kba_questions[0];
|
| 260 |
$otpToken[1] = sanitize_text_field( $_POST['mo2f_answer_1'] );
|
| 264 |
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? $_POST['mo2f_trust_device'] : 'false';
|
| 265 |
|
| 266 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 267 |
+
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
|
| 268 |
|
| 269 |
+
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
| 270 |
|
| 271 |
$kba_validate = new Customer_Setup();
|
| 272 |
$kba_validate_response = json_decode( $kba_validate->validate_otp_token( 'KBA', null, $mo2f_login_transaction_id, $otpToken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
| 279 |
} catch ( Exception $e ) {
|
| 280 |
echo $e->getMessage();
|
| 281 |
}
|
| 282 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 283 |
} else {
|
| 284 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 285 |
}
|
| 286 |
} else {
|
| 287 |
|
| 288 |
$mo2fa_login_message = 'The answers you have provided are incorrect.';
|
| 289 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
| 290 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt);
|
| 291 |
}
|
| 292 |
} else {
|
| 293 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 294 |
|
| 295 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
|
| 296 |
}
|
| 306 |
return $error;
|
| 307 |
} else {
|
| 308 |
$this->miniorange_pass2login_start_session();
|
| 309 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 310 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 311 |
+
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
|
| 312 |
|
| 313 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 314 |
$checkMobileStatus = new Two_Factor_Setup();
|
| 318 |
if ( $response['status'] == 'SUCCESS' ) {
|
| 319 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 320 |
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
| 321 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to, null,$session_id_encrypt );
|
| 322 |
} else {
|
| 323 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 324 |
}
|
| 325 |
} else {
|
| 326 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 327 |
|
| 328 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
|
| 329 |
}
|
| 330 |
} else {
|
| 331 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 332 |
|
| 333 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
|
| 334 |
}
|
| 344 |
return $error;
|
| 345 |
} else {
|
| 346 |
$this->miniorange_pass2login_start_session();
|
| 347 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 348 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 349 |
}
|
| 350 |
}
|
| 351 |
|
| 358 |
return $error;
|
| 359 |
} else {
|
| 360 |
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
|
| 361 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 362 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 363 |
$mo2fa_login_message = '';
|
| 364 |
|
| 365 |
$this->miniorange_pass2login_start_session();
|
| 366 |
$customer = new Customer_Setup();
|
| 367 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 368 |
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 369 |
$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
|
| 370 |
|
| 371 |
if ( $kba_configuration_status ) {
|
| 372 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
| 373 |
$pass2fa_login = new Miniorange_Password_2Factor_Login();
|
| 374 |
+
$pass2fa_login->mo2f_pass2login_kba_verification( $user_id, $redirect_to,$session_id_encrypt );
|
| 375 |
} else {
|
| 376 |
$hidden_user_email = MO2f_Utility::mo2f_get_hidden_email( $user_email );
|
| 377 |
$content = json_decode( $customer->send_otp_token( $user_email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
| 383 |
|
| 384 |
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
| 385 |
MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
|
| 386 |
+
MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt );
|
|
|
|
|
|
|
| 387 |
|
| 388 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 389 |
+
MO2f_Utility::set_user_values( $session_id_encrypt,'mo2f_login_message', 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.' );
|
| 390 |
+
MO2f_Utility::set_user_values( $session_id_encrypt, 'mo2f_transactionId', $content['txId'] );
|
| 391 |
|
| 392 |
$mo2fa_login_message = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
|
| 393 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
|
| 394 |
} else {
|
| 395 |
$mo2fa_login_message = 'Error occurred while sending OTP over email. Please try again.';
|
| 396 |
}
|
| 397 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id_encrypt );
|
| 398 |
}
|
| 399 |
$pass2fa_login = new Miniorange_Password_2Factor_Login();
|
| 400 |
|
| 401 |
+
$pass2fa_login->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 402 |
}
|
| 403 |
}
|
| 404 |
|
| 411 |
return $error;
|
| 412 |
} else {
|
| 413 |
$this->miniorange_pass2login_start_session();
|
| 414 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 415 |
$session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
|
| 416 |
|
| 417 |
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
| 418 |
MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
|
| 419 |
+
MO2f_Utility::unset_temp_user_details_in_table('mo2f_transactionId',$session_id_encrypt );
|
| 420 |
|
| 421 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 422 |
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
| 423 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
| 424 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 425 |
}
|
| 426 |
}
|
| 427 |
|
| 435 |
return $error;
|
| 436 |
} else {
|
| 437 |
$this->miniorange_pass2login_start_session();
|
| 438 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 439 |
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
|
| 440 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 441 |
$softtoken = '';
|
| 442 |
if ( MO2f_utility::mo2f_check_empty_or_null( $_POST['mo2fa_softtoken'] ) ) {
|
| 443 |
$mo2fa_login_message = 'Please enter OTP to proceed.';
|
| 444 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 445 |
} else {
|
| 446 |
$softtoken = sanitize_text_field( $_POST['mo2fa_softtoken'] );
|
| 447 |
if ( ! MO2f_utility::mo2f_check_number_length( $softtoken ) ) {
|
| 448 |
$mo2fa_login_message = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
|
| 449 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 450 |
}
|
| 451 |
}
|
| 452 |
|
| 453 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 454 |
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 455 |
|
| 456 |
if ( isset( $user_id ) ) {
|
| 458 |
$customer = new Customer_Setup();
|
| 459 |
$content = '';
|
| 460 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 461 |
+
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
|
| 462 |
|
| 463 |
if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) {
|
| 464 |
$content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
| 471 |
} else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION' ) {
|
| 472 |
$content = json_decode( $customer->validate_otp_token( 'GOOGLE AUTHENTICATOR', $user_email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
| 473 |
} else {
|
| 474 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 475 |
|
| 476 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Invalid Request. Please try again.' ) );
|
| 477 |
}
|
| 480 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 481 |
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
| 482 |
|
| 483 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to,null,$session_id_encrypt );
|
| 484 |
} else {
|
| 485 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 486 |
}
|
| 487 |
} else {
|
| 488 |
|
| 489 |
$message = $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'You have entered an invalid OTP.<br>Please click on <b>Sync Time</b> in the miniOrange Authenticator app to sync your phone time with the miniOrange servers and try again.' : 'Invalid OTP. Please try again.';
|
| 490 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to,null,$session_id_encrypt );
|
| 491 |
}
|
| 492 |
|
| 493 |
} else {
|
| 494 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 495 |
|
| 496 |
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
|
| 497 |
}
|
| 507 |
return $error;
|
| 508 |
} else {
|
| 509 |
$this->miniorange_pass2login_start_session();
|
| 510 |
+
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 511 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id);
|
| 512 |
+
$this->mo2fa_pass2login(null, $session_id );
|
| 513 |
}
|
| 514 |
}
|
| 515 |
|
| 523 |
} else {
|
| 524 |
$this->miniorange_pass2login_start_session();
|
| 525 |
|
| 526 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 527 |
$currentuser = get_user_by( 'id', $user_id );
|
| 528 |
|
| 529 |
|
| 530 |
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
| 531 |
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 532 |
+
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 533 |
+
$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to,$session_id );
|
| 534 |
}
|
| 535 |
}
|
| 536 |
}
|
| 537 |
|
| 538 |
+
function remove_current_activity($session_id) {
|
| 539 |
|
| 540 |
$session_variables = array(
|
| 541 |
'mo2f_current_user_id',
|
| 543 |
'mo_2factor_login_status',
|
| 544 |
'mo2f-login-qrCode',
|
| 545 |
'mo2f_transactionId',
|
| 546 |
+
'mo2f_login_message',
|
| 547 |
'mo2f_rba_status',
|
| 548 |
'mo_2_factor_kba_questions',
|
| 549 |
'mo2f_show_qr_code',
|
| 557 |
'mo_2factor_login_status',
|
| 558 |
'mo2f-login-qrCode',
|
| 559 |
'mo2f_transactionId',
|
| 560 |
+
'mo2f_login_message',
|
| 561 |
'mo2f_rba_status_status',
|
| 562 |
'mo2f_rba_status_sessionUuid',
|
| 563 |
'mo2f_rba_status_decision_flag',
|
| 568 |
'mo2f_authy_keys'
|
| 569 |
);
|
| 570 |
|
| 571 |
+
$temp_table_variables = array(
|
| 572 |
+
'session_id',
|
| 573 |
+
'mo2f_current_user_id',
|
| 574 |
+
'mo2f_login_message',
|
| 575 |
+
'mo2f_1stfactor_status',
|
| 576 |
+
'mo2f_transactionId',
|
| 577 |
+
'mo_2_factor_kba_questions',
|
| 578 |
+
'mo2f_rba_status',
|
| 579 |
+
'ts_created'
|
| 580 |
+
);
|
| 581 |
+
|
| 582 |
MO2f_Utility::unset_session_variables( $session_variables );
|
| 583 |
MO2f_Utility::unset_cookie_variables( $cookie_variables );
|
| 584 |
+
MO2f_Utility::unset_temp_user_details_in_table( $temp_table_variables , $session_id, "destroy" );
|
| 585 |
|
| 586 |
|
| 587 |
}
|
| 592 |
}
|
| 593 |
}
|
| 594 |
|
| 595 |
+
function mo2f_pass2login_kba_verification( $user_id, $redirect_to, $session_id ) {
|
| 596 |
global $Mo2fdbQueries;
|
| 597 |
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
| 598 |
|
| 599 |
+
if(is_null($session_id)) {
|
| 600 |
+
$session_id=$this->create_session();
|
| 601 |
+
}
|
| 602 |
+
|
| 603 |
$challengeKba = new Customer_Setup();
|
| 604 |
$content = $challengeKba->send_otp_token( $user_email, 'KBA', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
| 605 |
$response = json_decode( $content, true );
|
| 606 |
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
| 607 |
if ( $response['status'] == 'SUCCESS' ) {
|
| 608 |
+
|
| 609 |
+
MO2f_Utility::set_user_values( $session_id,"mo2f_transactionId", $response['txId'] );
|
|
|
|
| 610 |
$questions = array();
|
| 611 |
$questions[0] = $response['questions'][0]['question'];
|
| 612 |
$questions[1] = $response['questions'][1]['question'];
|
|
|
|
|
|
|
| 613 |
|
| 614 |
+
MO2f_Utility::set_user_values( $session_id, 'mo_2_factor_kba_questions', $questions );
|
|
|
|
|
|
|
| 615 |
|
| 616 |
$mo2fa_login_message = 'Please answer the following questions:';
|
| 617 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
| 618 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
|
| 619 |
} else if ( $response['status'] == 'ERROR' ) {
|
| 620 |
+
$this->remove_current_activity($session_id);
|
| 621 |
$error = new WP_Error();
|
| 622 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 623 |
|
| 624 |
return $error;
|
| 625 |
}
|
| 626 |
} else {
|
| 627 |
+
$this->remove_current_activity($session_id);
|
| 628 |
$error = new WP_Error();
|
| 629 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 630 |
|
| 632 |
}
|
| 633 |
}
|
| 634 |
|
| 635 |
+
function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt ) {
|
| 636 |
|
| 637 |
$login_status = $mo2fa_login_status;
|
| 638 |
$login_message = $mo2fa_login_message;
|
| 639 |
|
| 640 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 641 |
+
|
| 642 |
|
| 643 |
if ( $this->miniorange_pass2login_check_mobile_status( $login_status ) ) { //for mobile
|
| 644 |
+
mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt );
|
| 645 |
exit;
|
| 646 |
} else if ( $this->miniorange_pass2login_check_otp_status( $login_status ) ) { //for soft-token,otp over email,sms,phone verification,google auth
|
| 647 |
+
mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt );
|
| 648 |
exit;
|
| 649 |
} else if ( $this->miniorange_pass2login_check_forgotphone_status( $login_status ) ) { // forgot phone page if both KBA and Email are configured.
|
| 650 |
+
mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to, $session_id_encrypt );
|
| 651 |
exit;
|
| 652 |
} else if ( $this->miniorange_pass2login_check_push_oobemail_status( $login_status ) ) { //for push and out of band email.
|
| 653 |
+
mo2f_get_push_notification_oobemail_prompt( $user_id, $login_status, $login_message, $redirect_to, $session_id_encrypt );
|
| 654 |
exit;
|
| 655 |
} else if ( $this->miniorange_pass2login_reconfig_google( $login_status ) ) { //MO_2_FACTOR_RECONFIG_GOOGLE
|
| 656 |
// shortcode
|
| 660 |
$this->mo2f_redirect_shortcode_addon( $user_id, $login_status, $login_message, 'reconfigure_kba' );
|
| 661 |
exit;
|
| 662 |
} else if ( $this->miniorange_pass2login_check_kba_status( $login_status ) ) { // for Kba
|
| 663 |
+
mo2f_get_kba_authentication_prompt( $login_message, $redirect_to, $session_id_encrypt );
|
| 664 |
exit;
|
| 665 |
} else if ( $this->miniorange_pass2login_check_trusted_device_status( $login_status ) ) { // trusted device
|
| 666 |
+
mo2f_get_device_form( $redirect_to, $session_id_encrypt );
|
| 667 |
exit;
|
| 668 |
} else { //show login screen
|
| 669 |
$this->mo_2_factor_pass2login_show_wp_login_form();
|
| 743 |
}
|
| 744 |
|
| 745 |
function mo_2_factor_pass2login_show_wp_login_form() {
|
| 746 |
+
|
| 747 |
+
$session_id_encrypt = isset( $_POST['miniorange_user_session'] ) ? $_POST['miniorange_user_session'] : (isset( $_POST['session_id'] ) ? $_POST['session_id'] : null);
|
| 748 |
+
|
| 749 |
+
if(is_null($session_id_encrypt)) {
|
| 750 |
+
$session_id_encrypt=$this->create_session();
|
| 751 |
+
}
|
| 752 |
+
|
| 753 |
+
?>
|
| 754 |
<p><input type="hidden" name="miniorange_login_nonce"
|
| 755 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
|
| 756 |
+
|
| 757 |
+
<input type="hidden" name="miniorange_user_session"
|
| 758 |
+
value="<?php echo $session_id_encrypt; ?>"/>
|
| 759 |
+
|
| 760 |
+
</p>
|
| 761 |
|
| 762 |
<?php
|
| 763 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 780 |
if( get_option('mo2f_enable_2fa_prompt_on_login_page') && ! $is_nc_with_unlimited_users &&
|
| 781 |
in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
|
| 782 |
echo "\t<p>\n";
|
| 783 |
+
echo "\t\t<label class=\"mo2f_instuction1\" title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";
|
| 784 |
+
echo "\t\t<input type=\"text\" name=\"mo_softtoken\" id=\"mo2f_2fa_code\" class=\"mo2f_2fa_code\" value=\"\" size=\"20\" style=\"ime-mode: inactive;\" /></label>\n";
|
| 785 |
+
echo "\t<p class=\"mo2f_instuction2\" style='color:red; font-size:12px;padding:5px'>* Skip the authentication code if it doesn't apply.</p>\n";
|
| 786 |
echo "\t</p>\n";
|
| 787 |
echo " \r\n";
|
| 788 |
echo " \r\n";
|
| 792 |
|
| 793 |
}
|
| 794 |
|
| 795 |
+
function mo2f_pass2login_mobile_verification( $user, $redirect_to, $session_id_encrypt=null )
|
| 796 |
+
{
|
| 797 |
+
global $Mo2fdbQueries;
|
| 798 |
+
if (is_null($session_id_encrypt)){
|
| 799 |
+
$session_id_encrypt=$this->create_session();
|
| 800 |
+
}
|
| 801 |
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 802 |
|
| 803 |
$useragent = $_SERVER['HTTP_USER_AGENT'];
|
| 805 |
$session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
|
| 806 |
|
| 807 |
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
| 808 |
+
MO2f_Utility::unset_cookie_variables( $session_cookie_variables);
|
| 809 |
+
MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt);
|
| 810 |
|
| 811 |
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
| 812 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
| 813 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 814 |
} else {
|
| 815 |
$challengeMobile = new Customer_Setup();
|
| 816 |
$content = $challengeMobile->send_otp_token( $user_email, 'MOBILE AUTHENTICATION', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
| 817 |
$response = json_decode( $content, true );
|
| 818 |
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
| 819 |
if ( $response['status'] == 'SUCCESS' ) {
|
|
|
|
|
|
|
| 820 |
|
| 821 |
$qrCode = $response['qrCode'];
|
| 822 |
+
MO2f_Utility::set_user_values( $session_id_encrypt,'mo2f_transactionId', $response['txId'] );
|
|
|
|
|
|
|
| 823 |
|
| 824 |
$mo2fa_login_message = '';
|
| 825 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION';
|
| 826 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, $qrCode,$session_id_encrypt );
|
| 827 |
} else if ( $response['status'] == 'ERROR' ) {
|
| 828 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 829 |
$error = new WP_Error();
|
| 830 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 831 |
|
| 832 |
return $error;
|
| 833 |
}
|
| 834 |
} else {
|
| 835 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 836 |
$error = new WP_Error();
|
| 837 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 838 |
|
| 842 |
|
| 843 |
}
|
| 844 |
|
| 845 |
+
function mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to, $session_id=null ) {
|
| 846 |
+
global $Mo2fdbQueries;
|
| 847 |
+
if(is_null($session_id)){
|
| 848 |
+
$session_id=$this->create_session();
|
| 849 |
+
}
|
| 850 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 851 |
|
| 852 |
+
$challengeMobile = new Customer_Setup();
|
| 853 |
$content = $challengeMobile->send_otp_token( $user_email, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
| 854 |
$response = json_decode( $content, true );
|
| 855 |
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
| 856 |
if ( $response['status'] == 'SUCCESS' ) {
|
| 857 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
|
|
|
|
|
|
|
|
|
|
| 858 |
|
| 859 |
$mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'A Push Notification has been sent to your phone. We are waiting for your approval.' : 'An email has been sent to ' . MO2f_Utility::mo2f_get_hidden_email( $user_email ) . '. We are waiting for your approval.';
|
| 860 |
$mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
|
| 861 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id);
|
| 862 |
} else if ( $response['status'] == 'ERROR' || $response['status'] == 'FAILED' ) {
|
| 863 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
|
|
|
|
|
|
|
| 864 |
|
| 865 |
$mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'An error occured while sending push notification to your app. You can click on <b>Phone is Offline</b> button to enter soft token from app or <b>Forgot your phone</b> button to receive OTP to your registered email.' : 'An error occured while sending email. Please try again.';
|
| 866 |
$mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
|
| 867 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
|
| 868 |
}
|
| 869 |
} else {
|
| 870 |
+
$this->remove_current_activity($session_id);
|
| 871 |
$error = new WP_Error();
|
| 872 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 873 |
|
| 875 |
}
|
| 876 |
}
|
| 877 |
|
| 878 |
+
function mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to,$session_id=null ) {
|
| 879 |
global $Mo2fdbQueries;
|
| 880 |
+
if(is_null($session_id)){
|
| 881 |
+
$session_id=$this->create_session();
|
| 882 |
+
}
|
| 883 |
+
|
| 884 |
$mo2f_external_app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
|
| 885 |
$mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
| 886 |
|
| 887 |
if ( $mo2f_second_factor == 'SOFT TOKEN' ) {
|
| 888 |
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
| 889 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
| 890 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
|
| 891 |
} else if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
| 892 |
$mo2fa_login_message = $mo2f_external_app_type == 'Authy Authenticator' ? 'Please enter the one time passcode shown in the <b>Authy Authenticator</b> app.' : 'Please enter the one time passcode shown in the <b>Google Authenticator</b> app.';
|
| 893 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION';
|
| 894 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
|
| 895 |
} else {
|
| 896 |
$challengeMobile = new Customer_Setup();
|
| 897 |
$content = $challengeMobile->send_otp_token( $mo2f_user_phone, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
| 901 |
$message = 'The OTP has been sent to ' . MO2f_Utility::get_hidden_phone( $response['phoneDelivery']['contact'] ) . '. Please enter the OTP you received to Validate.';
|
| 902 |
update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
|
| 903 |
|
| 904 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
|
|
|
|
|
|
|
| 905 |
|
| 906 |
$mo2fa_login_message = $message;
|
| 907 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
|
| 908 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
|
| 909 |
} else {
|
| 910 |
$message = $response['message'] . ' You can click on <b>Forgot your phone</b> link to login via alternate method.';
|
| 911 |
|
| 912 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
|
|
|
|
|
|
|
| 913 |
|
| 914 |
$mo2fa_login_message = $message;
|
| 915 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
|
| 916 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
|
| 917 |
}
|
| 918 |
} else {
|
| 919 |
+
$this->remove_current_activity($session_id);
|
| 920 |
$error = new WP_Error();
|
| 921 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
| 922 |
|
| 925 |
}
|
| 926 |
}
|
| 927 |
|
| 928 |
+
function mo2fa_pass2login( $redirect_to = null, $session_id_encrypted=null ) {
|
| 929 |
|
| 930 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypted );
|
| 931 |
+
$mo2f_1stfactor_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_1stfactor_status',$session_id_encrypted );
|
| 932 |
|
| 933 |
if ( $user_id && $mo2f_1stfactor_status && ( $mo2f_1stfactor_status == 'VALIDATE_SUCCESS' ) ) {
|
| 934 |
|
| 935 |
$currentuser = get_user_by( 'id', $user_id );
|
| 936 |
|
| 937 |
wp_set_current_user( $user_id, $currentuser->user_login );
|
| 938 |
+
$this->remove_current_activity($session_id_encrypted);
|
| 939 |
wp_set_auth_cookie( $user_id, true );
|
| 940 |
do_action( 'wp_login', $currentuser->user_login, $currentuser );
|
| 941 |
redirect_user_to( $currentuser, $redirect_to );
|
| 942 |
exit;
|
| 943 |
} else {
|
| 944 |
+
$this->remove_current_activity($session_id_encrypted);
|
| 945 |
}
|
| 946 |
}
|
| 947 |
|
| 948 |
+
function create_session(){
|
| 949 |
+
global $Mo2fdbQueries;
|
| 950 |
+
$session_id = MO2f_Utility::random_str(20);
|
| 951 |
+
$Mo2fdbQueries->insert_user_login_session($session_id);
|
| 952 |
+
|
| 953 |
+
$key = get_option('mo2f_customer_token');
|
| 954 |
+
$session_id_encrypt = MO2f_Utility::encrypt_data($session_id, $key);
|
| 955 |
+
return $session_id_encrypt;
|
| 956 |
+
}
|
| 957 |
|
| 958 |
+
function miniorange_initiate_2nd_factor( $currentuser, $attributes = null, $redirect_to = null, $otp_token = "",$session_id_encrypt=null ) {
|
| 959 |
+
global $Mo2fdbQueries;
|
| 960 |
+
$this->miniorange_pass2login_start_session();
|
| 961 |
+
if(is_null($session_id_encrypt)) {
|
| 962 |
+
$session_id_encrypt=$this->create_session();
|
| 963 |
+
}
|
| 964 |
|
| 965 |
+
MO2f_Utility::set_user_values($session_id_encrypt, 'mo2f_current_user_id', $currentuser->ID);
|
| 966 |
+
MO2f_Utility::set_user_values($session_id_encrypt, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS');
|
|
|
|
| 967 |
|
| 968 |
$is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $currentuser->ID ? true : false;
|
| 969 |
$is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
|
| 979 |
if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
|
| 980 |
try {
|
| 981 |
$mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
|
| 982 |
+
MO2f_Utility::set_user_values( $session_id_encrypt, 'mo2f_rba_status', $mo2f_rba_status );
|
|
|
|
|
|
|
|
|
|
|
|
|
| 983 |
} catch ( Exception $e ) {
|
| 984 |
echo $e->getMessage();
|
| 985 |
}
|
| 986 |
|
| 987 |
if ( $mo2f_rba_status['status'] == 'SUCCESS' && $mo2f_rba_status['decision_flag'] ) {
|
| 988 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 989 |
} else if ( ($mo2f_rba_status['status'] == 'DENY' ) && get_option( 'mo2f_rba_installed' ) ) {
|
| 990 |
+
|
| 991 |
$this->mo2f_restrict_access( 'Access_denied' );
|
| 992 |
exit;
|
| 993 |
} else if ( ($mo2f_rba_status['status'] == 'ERROR') && get_option( 'mo2f_rba_installed' ) ) {
|
| 999 |
|
| 1000 |
if(!$is_nc_with_unlimited_users && get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device')&&
|
| 1001 |
in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
|
| 1002 |
+
$error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token,$session_id_encrypt);
|
| 1003 |
+
|
| 1004 |
+
if(is_wp_error( $error)){
|
| 1005 |
+
return $error;
|
| 1006 |
+
}
|
| 1007 |
+
|
| 1008 |
+
|
| 1009 |
+
}else{
|
| 1010 |
if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
|
| 1011 |
+
$this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to, $session_id_encrypt );
|
| 1012 |
} else {
|
|
|
|
| 1013 |
if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
|
| 1014 |
+
$this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to, $session_id_encrypt );
|
| 1015 |
} else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
|
| 1016 |
+
$this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
|
| 1017 |
} else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
| 1018 |
+
$this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
|
| 1019 |
} else if ( $mo2f_second_factor == 'KBA' ) {
|
| 1020 |
+
$this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to , $session_id_encrypt );
|
| 1021 |
} else if ( $mo2f_second_factor == 'NONE' ) {
|
| 1022 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 1023 |
} else {
|
| 1024 |
+
$this->remove_current_activity($session_id_encrypt);
|
| 1025 |
$error = new WP_Error();
|
| 1026 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Two Factor method has not been configured.' ) );
|
| 1027 |
|
| 1032 |
|
| 1033 |
}
|
| 1034 |
} else {
|
| 1035 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 1036 |
}
|
| 1037 |
|
| 1038 |
} else { //plugin is not activated for current role then logged him in without asking 2 factor
|
| 1039 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 1040 |
}
|
| 1041 |
|
| 1042 |
}
|
| 1043 |
|
| 1044 |
+
function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken,$session_id_encrypt){
|
| 1045 |
global $Mo2fdbQueries;
|
| 1046 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
|
| 1047 |
$customer = new Customer_Setup();
|
| 1049 |
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
| 1050 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 1051 |
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
| 1052 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to,null, $session_id_encrypt );
|
| 1053 |
} else {
|
| 1054 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 1055 |
}
|
| 1056 |
} else {
|
| 1057 |
return new WP_Error( 'invalid_one_time_passcode', '<strong>ERROR</strong>: Invalid One Time Passcode.');
|
| 1064 |
}
|
| 1065 |
|
| 1066 |
function mo2f_collect_device_attributes_for_authenticated_user( $currentuser, $redirect_to = null ) {
|
| 1067 |
+
global $Mo2fdbQueries;
|
| 1068 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 1069 |
$this->miniorange_pass2login_start_session();
|
|
|
|
| 1070 |
|
| 1071 |
+
$session_id=$this->create_session();
|
| 1072 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_current_user_id", $currentuser->ID );
|
| 1073 |
|
| 1074 |
+
mo2f_collect_device_attributes_handler( $redirect_to,$session_id );
|
| 1075 |
exit;
|
| 1076 |
} else {
|
| 1077 |
$this->miniorange_initiate_2nd_factor( $currentuser, null, $redirect_to );
|
| 1082 |
if ( is_a( $user, 'WP_Error' ) && ! empty( $user ) ) {
|
| 1083 |
return $user;
|
| 1084 |
}
|
| 1085 |
+
|
| 1086 |
|
| 1087 |
// if an app password is enabled, this is an XMLRPC / APP login ?
|
| 1088 |
if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
|
| 1114 |
}
|
| 1115 |
|
| 1116 |
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
| 1117 |
+
$session_id = isset( $_POST['miniorange_user_session'] ) ? $_POST['miniorange_user_session'] : null;
|
| 1118 |
+
|
| 1119 |
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
| 1120 |
+
|
| 1121 |
+
if(is_null($session_id)) {
|
| 1122 |
+
$session_id=$this->create_session();
|
| 1123 |
+
}
|
| 1124 |
+
|
| 1125 |
+
|
| 1126 |
+
$error=$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to, $otp_token, $session_id );
|
| 1127 |
+
|
| 1128 |
+
|
| 1129 |
+
if(is_wp_error( $error)){
|
| 1130 |
return $error;
|
| 1131 |
}
|
| 1132 |
|
class-miniorange-2-factor-user-registration.php
CHANGED
|
@@ -30,7 +30,7 @@ class Miniorange_User_Register {
|
|
| 30 |
}
|
| 31 |
|
| 32 |
function plugin_settings_style() {
|
| 33 |
-
wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.
|
| 34 |
}
|
| 35 |
|
| 36 |
function mo_auth_success_message() {
|
| 30 |
}
|
| 31 |
|
| 32 |
function plugin_settings_style() {
|
| 33 |
+
wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.6', __FILE__ ) );
|
| 34 |
}
|
| 35 |
|
| 36 |
function mo_auth_success_message() {
|
class-utility.php
CHANGED
|
@@ -46,6 +46,28 @@ class MO2f_Utility {
|
|
| 46 |
}
|
| 47 |
}
|
| 48 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49 |
public static function mo2f_check_number_length( $token ) {
|
| 50 |
if ( is_numeric( $token ) ) {
|
| 51 |
if ( strlen( $token ) >= 4 && strlen( $token ) <= 8 ) {
|
|
@@ -95,14 +117,87 @@ class MO2f_Utility {
|
|
| 95 |
}
|
| 96 |
}
|
| 97 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 98 |
/**
|
| 99 |
* The function returns the session variables, and if not, retrieves the cookie values set in case the right permissions are not aassigned for the sessions folder in the server.
|
| 100 |
*
|
| 101 |
* @param string $variable - the session or cookie variable name
|
|
|
|
| 102 |
*
|
| 103 |
* @return string
|
| 104 |
*/
|
| 105 |
-
public static function
|
|
|
|
| 106 |
|
| 107 |
if ( isset( $_SESSION[ $variable ] ) && ! empty( $_SESSION[ $variable ] ) ) {
|
| 108 |
return $_SESSION[ $variable ];
|
|
@@ -137,7 +232,19 @@ class MO2f_Utility {
|
|
| 137 |
$cookie_value = MO2f_Utility::mo2f_get_cookie_values( $variable );
|
| 138 |
}
|
| 139 |
|
| 140 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 141 |
|
| 142 |
}
|
| 143 |
|
|
@@ -176,23 +283,6 @@ class MO2f_Utility {
|
|
| 176 |
}
|
| 177 |
}
|
| 178 |
|
| 179 |
-
/**
|
| 180 |
-
* @param string $data - crypt response from Sagepay
|
| 181 |
-
*
|
| 182 |
-
* @return string
|
| 183 |
-
*/
|
| 184 |
-
public static function decrypt_data( $data, $key ) {
|
| 185 |
-
$strIn = base64_decode( $data );
|
| 186 |
-
$key = openssl_digest( $key, 'sha256' );
|
| 187 |
-
$method = 'AES-128-ECB';
|
| 188 |
-
$ivSize = openssl_cipher_iv_length( $method );
|
| 189 |
-
$iv = substr( $strIn, 0, $ivSize );
|
| 190 |
-
$data = substr( $strIn, $ivSize );
|
| 191 |
-
$clear = openssl_decrypt( $data, $method, $key, OPENSSL_RAW_DATA || OPENSSL_ZERO_PADDING, $iv );
|
| 192 |
-
|
| 193 |
-
return $clear;
|
| 194 |
-
}
|
| 195 |
-
|
| 196 |
/**
|
| 197 |
* The function sets the cookie value after encryption and encoding.
|
| 198 |
*
|
|
@@ -201,7 +291,7 @@ class MO2f_Utility {
|
|
| 201 |
*
|
| 202 |
* @return string
|
| 203 |
*/
|
| 204 |
-
public static function
|
| 205 |
$key = get_option( 'mo2f_customer_token' );
|
| 206 |
|
| 207 |
$current_time = new DateTime( 'now' );
|
|
@@ -270,8 +360,34 @@ class MO2f_Utility {
|
|
| 270 |
setcookie( $variables, '', time() - 3600 );
|
| 271 |
}
|
| 272 |
}
|
|
|
|
| 273 |
}
|
| 274 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 275 |
/**
|
| 276 |
* The function decodes the twofactor methods
|
| 277 |
*
|
|
@@ -329,6 +445,13 @@ class MO2f_Utility {
|
|
| 329 |
|
| 330 |
}
|
| 331 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 332 |
|
| 333 |
}
|
| 334 |
|
| 46 |
}
|
| 47 |
}
|
| 48 |
|
| 49 |
+
public static function get_all_plugins_installed() {
|
| 50 |
+
$all_plugins = get_plugins();
|
| 51 |
+
$plugins = array();
|
| 52 |
+
$form = "";
|
| 53 |
+
$plugins["None"] = "None";
|
| 54 |
+
|
| 55 |
+
foreach ($all_plugins as $plugin_name=>$plugin_details){
|
| 56 |
+
$plugins[$plugin_name] = $plugin_details["Name"];
|
| 57 |
+
}
|
| 58 |
+
|
| 59 |
+
unset($plugins['miniorange-2-factor-authentication/miniorange_2_factor_settings.php']);
|
| 60 |
+
|
| 61 |
+
$form .= '<div style="padding:5px;margin-left:4%;font-size:13px;background-color: #a3e8c2">Please select the plugin<br>
|
| 62 |
+
<select name="plugin_selected">';
|
| 63 |
+
foreach($plugins as $identifier=>$name) {
|
| 64 |
+
$form .= '<option value="' . $identifier . '">' . $name . '</option>' ;
|
| 65 |
+
}
|
| 66 |
+
$form .= '</select></div>';
|
| 67 |
+
|
| 68 |
+
return $form;
|
| 69 |
+
}
|
| 70 |
+
|
| 71 |
public static function mo2f_check_number_length( $token ) {
|
| 72 |
if ( is_numeric( $token ) ) {
|
| 73 |
if ( strlen( $token ) >= 4 && strlen( $token ) <= 8 ) {
|
| 117 |
}
|
| 118 |
}
|
| 119 |
|
| 120 |
+
|
| 121 |
+
public static function set_user_values( $user_session_id, $variable, $value){
|
| 122 |
+
global $Mo2fdbQueries;
|
| 123 |
+
|
| 124 |
+
// setting session values
|
| 125 |
+
$_SESSION[$variable] = $value;
|
| 126 |
+
$key = get_option( 'mo2f_customer_token' );
|
| 127 |
+
// setting cookie values
|
| 128 |
+
if(is_array($value)){
|
| 129 |
+
if($variable == 'mo_2_factor_kba_questions'){
|
| 130 |
+
MO2f_Utility::mo2f_set_cookie_values( 'kba_question1', $value[0] );
|
| 131 |
+
MO2f_Utility::mo2f_set_cookie_values( 'kba_question2', $value[1] );
|
| 132 |
+
}else if($variable == 'mo2f_rba_status'){
|
| 133 |
+
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_status', $value["status"] );
|
| 134 |
+
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_sessionUuid', $value["sessionUuid"] );
|
| 135 |
+
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_decision_flag', $value["decision_flag"] );
|
| 136 |
+
}
|
| 137 |
+
}else{
|
| 138 |
+
MO2f_Utility::mo2f_set_cookie_values( $variable, $value);
|
| 139 |
+
}
|
| 140 |
+
|
| 141 |
+
|
| 142 |
+
// setting values in database
|
| 143 |
+
|
| 144 |
+
$user_session_id = MO2f_Utility::decrypt_data( $user_session_id, $key );
|
| 145 |
+
if ( is_array( $value ) ) {
|
| 146 |
+
$string_value = serialize( $value );
|
| 147 |
+
$Mo2fdbQueries->save_user_login_details( $user_session_id, array( $variable => $string_value ) );
|
| 148 |
+
} else {
|
| 149 |
+
$Mo2fdbQueries->save_user_login_details( $user_session_id, array( $variable => $value ) );
|
| 150 |
+
}
|
| 151 |
+
|
| 152 |
+
|
| 153 |
+
}
|
| 154 |
+
|
| 155 |
+
/*
|
| 156 |
+
|
| 157 |
+
Returns Random string with length provided in parameter.
|
| 158 |
+
|
| 159 |
+
*/
|
| 160 |
+
|
| 161 |
+
/**
|
| 162 |
+
* @param string $data - crypt response from Sagepay
|
| 163 |
+
*
|
| 164 |
+
* @return string
|
| 165 |
+
*/
|
| 166 |
+
public static function decrypt_data( $data, $key ) {
|
| 167 |
+
$strIn = base64_decode( $data );
|
| 168 |
+
$key = openssl_digest( $key, 'sha256' );
|
| 169 |
+
$method = 'AES-128-ECB';
|
| 170 |
+
$ivSize = openssl_cipher_iv_length( $method );
|
| 171 |
+
$iv = substr( $strIn, 0, $ivSize );
|
| 172 |
+
$data = substr( $strIn, $ivSize );
|
| 173 |
+
$clear = openssl_decrypt( $data, $method, $key, OPENSSL_RAW_DATA || OPENSSL_ZERO_PADDING, $iv );
|
| 174 |
+
|
| 175 |
+
return $clear;
|
| 176 |
+
}
|
| 177 |
+
|
| 178 |
+
public static function random_str( $length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' ) {
|
| 179 |
+
$randomString = '';
|
| 180 |
+
$charactersLength = strlen( $keyspace );
|
| 181 |
+
$keyspace = $keyspace . microtime( true );
|
| 182 |
+
$keyspace = str_shuffle( $keyspace );
|
| 183 |
+
for ( $i = 0; $i < $length; $i ++ ) {
|
| 184 |
+
$randomString .= $keyspace[ rand( 0, $charactersLength - 1 ) ];
|
| 185 |
+
}
|
| 186 |
+
|
| 187 |
+
return $randomString;
|
| 188 |
+
|
| 189 |
+
}
|
| 190 |
+
|
| 191 |
/**
|
| 192 |
* The function returns the session variables, and if not, retrieves the cookie values set in case the right permissions are not aassigned for the sessions folder in the server.
|
| 193 |
*
|
| 194 |
* @param string $variable - the session or cookie variable name
|
| 195 |
+
* @param string $session_id - the session id of the user
|
| 196 |
*
|
| 197 |
* @return string
|
| 198 |
*/
|
| 199 |
+
public static function mo2f_retrieve_user_temp_values( $variable, $session_id = null ) {
|
| 200 |
+
global $Mo2fdbQueries;
|
| 201 |
|
| 202 |
if ( isset( $_SESSION[ $variable ] ) && ! empty( $_SESSION[ $variable ] ) ) {
|
| 203 |
return $_SESSION[ $variable ];
|
| 232 |
$cookie_value = MO2f_Utility::mo2f_get_cookie_values( $variable );
|
| 233 |
}
|
| 234 |
|
| 235 |
+
if($cookie_value){
|
| 236 |
+
return $cookie_value;
|
| 237 |
+
} else {
|
| 238 |
+
|
| 239 |
+
$session_id = MO2f_Utility::decrypt_data( $session_id, $key );
|
| 240 |
+
|
| 241 |
+
$db_value = $Mo2fdbQueries->get_user_login_details( $variable, $session_id );
|
| 242 |
+
|
| 243 |
+
if ( in_array( $variable, array( "mo2f_rba_status", "mo_2_factor_kba_questions" ) ) ) {
|
| 244 |
+
$db_value = unserialize( $db_value );
|
| 245 |
+
}
|
| 246 |
+
return $db_value;
|
| 247 |
+
}
|
| 248 |
|
| 249 |
}
|
| 250 |
|
| 283 |
}
|
| 284 |
}
|
| 285 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 286 |
/**
|
| 287 |
* The function sets the cookie value after encryption and encoding.
|
| 288 |
*
|
| 291 |
*
|
| 292 |
* @return string
|
| 293 |
*/
|
| 294 |
+
public static function mo2f_set_cookie_values( $cookiename, $cookievalue ) {
|
| 295 |
$key = get_option( 'mo2f_customer_token' );
|
| 296 |
|
| 297 |
$current_time = new DateTime( 'now' );
|
| 360 |
setcookie( $variables, '', time() - 3600 );
|
| 361 |
}
|
| 362 |
}
|
| 363 |
+
|
| 364 |
}
|
| 365 |
|
| 366 |
+
/**
|
| 367 |
+
* The function unsets the temp table variables passed.
|
| 368 |
+
*
|
| 369 |
+
* @param array $variables - the array of temporary table variables to be unset
|
| 370 |
+
* @param string $session_id - the session_id for which it should be destroyed
|
| 371 |
+
*
|
| 372 |
+
* @return NA
|
| 373 |
+
*/
|
| 374 |
+
public static function unset_temp_user_details_in_table( $variables, $session_id, $command='' ) {
|
| 375 |
+
|
| 376 |
+
global $Mo2fdbQueries;
|
| 377 |
+
|
| 378 |
+
$key = get_option( 'mo2f_customer_token' );
|
| 379 |
+
$session_id = MO2f_Utility::decrypt_data( $session_id, $key );
|
| 380 |
+
|
| 381 |
+
if($command == "destroy"){
|
| 382 |
+
$Mo2fdbQueries->delete_user_login_sessions( );
|
| 383 |
+
}else{
|
| 384 |
+
$Mo2fdbQueries->save_user_login_details($session_id, array($variables => ''));
|
| 385 |
+
}
|
| 386 |
+
|
| 387 |
+
}
|
| 388 |
+
|
| 389 |
+
|
| 390 |
+
|
| 391 |
/**
|
| 392 |
* The function decodes the twofactor methods
|
| 393 |
*
|
| 445 |
|
| 446 |
}
|
| 447 |
|
| 448 |
+
public static function get_plugin_name_by_identifier( $plugin_identitifier ){
|
| 449 |
+
$all_plugins = get_plugins();
|
| 450 |
+
$plugin_details = $all_plugins[$plugin_identitifier];
|
| 451 |
+
|
| 452 |
+
return $plugin_details["Name"] ? $plugin_details["Name"] : "No Plugin selected" ;
|
| 453 |
+
}
|
| 454 |
+
|
| 455 |
|
| 456 |
}
|
| 457 |
|
database/database_functions.php
CHANGED
|
@@ -8,9 +8,12 @@ class Mo2fDB {
|
|
| 8 |
function __construct() {
|
| 9 |
global $wpdb;
|
| 10 |
$this->userDetailsTable = $wpdb->prefix . 'mo2f_user_details';
|
|
|
|
| 11 |
}
|
| 12 |
|
| 13 |
function mo_plugin_activate() {
|
|
|
|
|
|
|
| 14 |
global $wpdb;
|
| 15 |
if ( ! get_option( 'mo2f_dbversion' ) ) {
|
| 16 |
update_option( 'mo2f_dbversion', 140 );
|
|
@@ -28,7 +31,10 @@ class Mo2fDB {
|
|
| 28 |
global $wpdb;
|
| 29 |
|
| 30 |
$tableName = $this->userDetailsTable;
|
| 31 |
-
|
|
|
|
|
|
|
|
|
|
| 32 |
`user_id` bigint NOT NULL,
|
| 33 |
`mo2f_OTPOverSMS_config_status` tinyint,
|
| 34 |
`mo2f_miniOrangePushNotification_config_status` tinyint,
|
|
@@ -46,7 +52,28 @@ class Mo2fDB {
|
|
| 46 |
`user_registration_with_miniorange` mediumtext NOT NULL,
|
| 47 |
`mo_2factor_user_registration_status` mediumtext NOT NULL,
|
| 48 |
UNIQUE KEY user_id (user_id) );";
|
| 49 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 50 |
|
| 51 |
|
| 52 |
}
|
|
@@ -83,6 +110,7 @@ class Mo2fDB {
|
|
| 83 |
return;
|
| 84 |
}
|
| 85 |
|
|
|
|
| 86 |
function check_if_table_exists( ) {
|
| 87 |
global $wpdb;
|
| 88 |
$does_table_exist= $wpdb->query(
|
|
@@ -103,6 +131,21 @@ class Mo2fDB {
|
|
| 103 |
|
| 104 |
}
|
| 105 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 106 |
function update_user_details( $user_id, $update ) {
|
| 107 |
global $wpdb;
|
| 108 |
$count = count( $update );
|
|
@@ -122,5 +165,60 @@ class Mo2fDB {
|
|
| 122 |
return;
|
| 123 |
|
| 124 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 125 |
|
| 126 |
}
|
| 8 |
function __construct() {
|
| 9 |
global $wpdb;
|
| 10 |
$this->userDetailsTable = $wpdb->prefix . 'mo2f_user_details';
|
| 11 |
+
$this->userLoginInfoTable = $wpdb->prefix . 'mo2f_user_login_info';
|
| 12 |
}
|
| 13 |
|
| 14 |
function mo_plugin_activate() {
|
| 15 |
+
|
| 16 |
+
|
| 17 |
global $wpdb;
|
| 18 |
if ( ! get_option( 'mo2f_dbversion' ) ) {
|
| 19 |
update_option( 'mo2f_dbversion', 140 );
|
| 31 |
global $wpdb;
|
| 32 |
|
| 33 |
$tableName = $this->userDetailsTable;
|
| 34 |
+
|
| 35 |
+
if($wpdb->get_var("show tables like '$tableName'") != $tableName) {
|
| 36 |
+
|
| 37 |
+
$sql = "CREATE TABLE IF NOT EXISTS " . $tableName . " (
|
| 38 |
`user_id` bigint NOT NULL,
|
| 39 |
`mo2f_OTPOverSMS_config_status` tinyint,
|
| 40 |
`mo2f_miniOrangePushNotification_config_status` tinyint,
|
| 52 |
`user_registration_with_miniorange` mediumtext NOT NULL,
|
| 53 |
`mo_2factor_user_registration_status` mediumtext NOT NULL,
|
| 54 |
UNIQUE KEY user_id (user_id) );";
|
| 55 |
+
|
| 56 |
+
dbDelta( $sql );
|
| 57 |
+
}
|
| 58 |
+
|
| 59 |
+
$tableName = $this->userLoginInfoTable;
|
| 60 |
+
|
| 61 |
+
if($wpdb->get_var("show tables like '$tableName'") != $tableName) {
|
| 62 |
+
|
| 63 |
+
$sql = "CREATE TABLE IF NOT EXISTS " . $tableName . " (
|
| 64 |
+
`session_id` MEDIUMTEXT NOT NULL,
|
| 65 |
+
`mo2f_login_message` VARCHAR(500) NOT NULL ,
|
| 66 |
+
`mo2f_current_user_id` INT(50) NOT NULL ,
|
| 67 |
+
`mo2f_1stfactor_status` VARCHAR(100) NOT NULL ,
|
| 68 |
+
`mo_2factor_login_status` VARCHAR(100) NOT NULL ,
|
| 69 |
+
`mo2f_transactionId` VARCHAR(100) NOT NULL ,
|
| 70 |
+
`mo_2_factor_kba_questions` LONGTEXT NOT NULL ,
|
| 71 |
+
`mo2f_rba_status` LONGTEXT NOT NULL ,
|
| 72 |
+
`ts_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
| 73 |
+
PRIMARY KEY (`session_id`(500)));";
|
| 74 |
+
|
| 75 |
+
dbDelta( $sql );
|
| 76 |
+
}
|
| 77 |
|
| 78 |
|
| 79 |
}
|
| 110 |
return;
|
| 111 |
}
|
| 112 |
|
| 113 |
+
|
| 114 |
function check_if_table_exists( ) {
|
| 115 |
global $wpdb;
|
| 116 |
$does_table_exist= $wpdb->query(
|
| 131 |
|
| 132 |
}
|
| 133 |
|
| 134 |
+
function check_if_column_exists($user_id, $table_type, $column_name ){
|
| 135 |
+
|
| 136 |
+
if($table_type == "user_login_info_table")
|
| 137 |
+
$table = $this->userLoginInfoTable;
|
| 138 |
+
|
| 139 |
+
global $wpdb;
|
| 140 |
+
$value = $wpdb->query(
|
| 141 |
+
"SHOW COLUMNS FROM " . $table . "
|
| 142 |
+
LIKE '" . $column_name . "'"
|
| 143 |
+
);
|
| 144 |
+
|
| 145 |
+
return $value;
|
| 146 |
+
|
| 147 |
+
}
|
| 148 |
+
|
| 149 |
function update_user_details( $user_id, $update ) {
|
| 150 |
global $wpdb;
|
| 151 |
$count = count( $update );
|
| 165 |
return;
|
| 166 |
|
| 167 |
}
|
| 168 |
+
|
| 169 |
+
function insert_user_login_session( $session_id ) {
|
| 170 |
+
global $wpdb;
|
| 171 |
+
$sql = "INSERT INTO $this->userLoginInfoTable (session_id) VALUES('$session_id') ON DUPLICATE KEY UPDATE session_id='$session_id'";
|
| 172 |
+
|
| 173 |
+
$wpdb->query( $sql );
|
| 174 |
+
$sql = "DELETE FROM $this->userLoginInfoTable WHERE ts_created < DATE_ADD(NOW(),INTERVAL - 2 MINUTE);";
|
| 175 |
+
$wpdb->query( $sql );
|
| 176 |
+
}
|
| 177 |
+
|
| 178 |
+
function save_user_login_details( $session_id, $user_values ) {
|
| 179 |
+
global $wpdb;
|
| 180 |
+
$count = count( $user_values );
|
| 181 |
+
$sql = "UPDATE " . $this->userLoginInfoTable . " SET ";
|
| 182 |
+
$i = 1;
|
| 183 |
+
foreach ( $user_values as $key => $value ) {
|
| 184 |
+
|
| 185 |
+
$sql .= $key . "='" . $value . "'";
|
| 186 |
+
if ( $i < $count ) {
|
| 187 |
+
$sql .= ' , ';
|
| 188 |
+
}
|
| 189 |
+
$i ++;
|
| 190 |
+
}
|
| 191 |
+
$sql .= " WHERE session_id='" . $session_id . "';";
|
| 192 |
+
$wpdb->query( $sql );
|
| 193 |
+
|
| 194 |
+
return;
|
| 195 |
+
|
| 196 |
+
}
|
| 197 |
+
|
| 198 |
+
function execute_add_column ( $query ){
|
| 199 |
+
global $wpdb;
|
| 200 |
+
$wpdb->query( $query );
|
| 201 |
+
|
| 202 |
+
return;
|
| 203 |
+
}
|
| 204 |
+
|
| 205 |
+
function get_user_login_details( $column_name, $session_id ) {
|
| 206 |
+
global $wpdb;
|
| 207 |
+
$user_column_detail = $wpdb->get_results( "SELECT " . $column_name . " FROM " . $this->userLoginInfoTable . " WHERE session_id = '" . $session_id . "';" );
|
| 208 |
+
$value = empty( $user_column_detail ) ? '' : get_object_vars( $user_column_detail[0] );
|
| 209 |
+
|
| 210 |
+
return $value == '' ? '' : $value[ $column_name ];
|
| 211 |
+
}
|
| 212 |
+
|
| 213 |
+
function delete_user_login_sessions( ) {
|
| 214 |
+
global $wpdb;
|
| 215 |
+
$wpdb->query(
|
| 216 |
+
"DELETE FROM " . $this->userLoginInfoTable . "
|
| 217 |
+
WHERE 1;"
|
| 218 |
+
);
|
| 219 |
+
|
| 220 |
+
return;
|
| 221 |
+
}
|
| 222 |
+
|
| 223 |
|
| 224 |
}
|
includes/css/bootstrap.min.css
CHANGED
|
@@ -427,6 +427,12 @@ button.mo2f_close {
|
|
| 427 |
}
|
| 428 |
|
| 429 |
#smsAlertModal {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 430 |
background-color: black !important;
|
| 431 |
opacity: 0.8 !important;
|
| 432 |
filter: alpha(opacity=50) !important;
|
|
@@ -441,6 +447,7 @@ button.mo2f_close {
|
|
| 441 |
.mo2f_modal-title {
|
| 442 |
margin: 0 !important;
|
| 443 |
line-height: 1.0 !important;
|
|
|
|
| 444 |
}
|
| 445 |
|
| 446 |
.mo2f_modal-body {
|
| 427 |
}
|
| 428 |
|
| 429 |
#smsAlertModal {
|
| 430 |
+
background-color: black !important;
|
| 431 |
+
opacity: 0.8 !important;
|
| 432 |
+
font-family: Roboto;
|
| 433 |
+
}
|
| 434 |
+
|
| 435 |
+
#twoFAtestAlertModal {
|
| 436 |
background-color: black !important;
|
| 437 |
opacity: 0.8 !important;
|
| 438 |
filter: alpha(opacity=50) !important;
|
| 447 |
.mo2f_modal-title {
|
| 448 |
margin: 0 !important;
|
| 449 |
line-height: 1.0 !important;
|
| 450 |
+
font-size: 1rem;
|
| 451 |
}
|
| 452 |
|
| 453 |
.mo2f_modal-body {
|
includes/css/style_settings.css
CHANGED
|
@@ -49,6 +49,18 @@
|
|
| 49 |
text-decoration: underline;
|
| 50 |
}
|
| 51 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 52 |
.mo2f_table_textbox {
|
| 53 |
width: 100%;
|
| 54 |
height: 30px;
|
|
@@ -458,16 +470,10 @@ a {
|
|
| 458 |
|
| 459 |
/* added by gayathri */
|
| 460 |
|
| 461 |
-
.mo2f_google_authy_step1 {
|
| 462 |
-
vertical-align: top;
|
| 463 |
-
padding-right: 15px;
|
| 464 |
-
width: 26%;
|
| 465 |
-
}
|
| 466 |
-
|
| 467 |
.mo2f_google_authy_step2 {
|
| 468 |
vertical-align: top;
|
| 469 |
padding-right: 15px;
|
| 470 |
-
width:
|
| 471 |
}
|
| 472 |
|
| 473 |
.mo2f_google_authy_step3 {
|
| 49 |
text-decoration: underline;
|
| 50 |
}
|
| 51 |
|
| 52 |
+
.mo2f_authy_step1 {
|
| 53 |
+
vertical-align: top;
|
| 54 |
+
padding-right: 15px;
|
| 55 |
+
width: 26%;
|
| 56 |
+
}
|
| 57 |
+
|
| 58 |
+
.mo2f_authy_step2 {
|
| 59 |
+
vertical-align: top;
|
| 60 |
+
padding-right: 15px;
|
| 61 |
+
width: 46%;
|
| 62 |
+
}
|
| 63 |
+
|
| 64 |
.mo2f_table_textbox {
|
| 65 |
width: 100%;
|
| 66 |
height: 30px;
|
| 470 |
|
| 471 |
/* added by gayathri */
|
| 472 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 473 |
.mo2f_google_authy_step2 {
|
| 474 |
vertical-align: top;
|
| 475 |
padding-right: 15px;
|
| 476 |
+
width: 70%;
|
| 477 |
}
|
| 478 |
|
| 479 |
.mo2f_google_authy_step3 {
|
miniorange_2_factor_common_login.php
CHANGED
|
@@ -1,5 +1,5 @@
|
|
| 1 |
<?php
|
| 2 |
-
function mo2f_collect_device_attributes_handler( $redirect_to = null ) {
|
| 3 |
?>
|
| 4 |
<html>
|
| 5 |
<head>
|
|
@@ -33,6 +33,7 @@ function mo2f_collect_device_attributes_handler( $redirect_to = null ) {
|
|
| 33 |
<input type="hidden" name="miniorange_attribute_collection_nonce"
|
| 34 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-attribute-collection-nonce' ); ?>"/>
|
| 35 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 36 |
</form>
|
| 37 |
</div>
|
| 38 |
</body>
|
|
@@ -161,7 +162,7 @@ function mo2f_get_user_2ndfactor( $user ) {
|
|
| 161 |
return $mo2f_second_factor;
|
| 162 |
}
|
| 163 |
|
| 164 |
-
function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to ) {
|
| 165 |
$mo2f_forgotphone_enabled = get_option( 'mo2f_enable_forgotphone' );
|
| 166 |
$mo2f_email_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_email' );
|
| 167 |
$mo2f_kba_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_kba' );
|
|
@@ -221,12 +222,14 @@ function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to
|
|
| 221 |
class="mo2f_display_none_forms">
|
| 222 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 223 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
|
|
|
| 224 |
</form>
|
| 225 |
<form name="f" id="mo2f_challenge_forgotphone_form" method="post" class="mo2f_display_none_forms">
|
| 226 |
<input type="hidden" name="mo2f_configured_2FA_method"/>
|
| 227 |
<input type="hidden" name="miniorange_challenge_forgotphone_nonce"
|
| 228 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-challenge-forgotphone-nonce' ); ?>"/>
|
| 229 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 230 |
</form>
|
| 231 |
|
| 232 |
<script>
|
|
@@ -244,7 +247,7 @@ function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to
|
|
| 244 |
</html>
|
| 245 |
<?php }
|
| 246 |
|
| 247 |
-
function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
|
| 248 |
$mo2f_login_option = get_option( 'mo2f_login_option' );
|
| 249 |
$mo2f_remember_device_enabled = get_option( 'mo2f_remember_device' );
|
| 250 |
?>
|
|
@@ -278,7 +281,7 @@ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
|
|
| 278 |
<form name="f" id="mo2f_submitkba_loginform" method="post">
|
| 279 |
<div id="mo2f_kba_content">
|
| 280 |
<p style="font-size:15px;">
|
| 281 |
-
<?php $kba_questions = MO2f_Utility::
|
| 282 |
echo $kba_questions[0]; ?><br>
|
| 283 |
<input class="mo2f-textbox" type="password" name="mo2f_answer_1" id="mo2f_answer_1"
|
| 284 |
required="true" autofocus="true"
|
|
@@ -310,6 +313,7 @@ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
|
|
| 310 |
<input type="hidden" name="miniorange_kba_nonce"
|
| 311 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-kba-nonce' ); ?>"/>
|
| 312 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 313 |
</form>
|
| 314 |
<br>
|
| 315 |
</div>
|
|
@@ -322,6 +326,7 @@ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
|
|
| 322 |
class="mo2f_display_none_forms">
|
| 323 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 324 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
|
|
|
| 325 |
</form>
|
| 326 |
|
| 327 |
<script>
|
|
@@ -335,7 +340,7 @@ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
|
|
| 335 |
<?php
|
| 336 |
}
|
| 337 |
|
| 338 |
-
function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_message, $redirect_to ) {
|
| 339 |
global $Mo2fdbQueries;
|
| 340 |
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
| 341 |
$mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $id );
|
|
@@ -413,27 +418,32 @@ function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_
|
|
| 413 |
class="mo2f_display_none_forms">
|
| 414 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 415 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
|
|
|
| 416 |
</form>
|
| 417 |
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
| 418 |
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
| 419 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
| 420 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 421 |
</form>
|
| 422 |
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
| 423 |
<input type="hidden" name="miniorange_softtoken"
|
| 424 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
| 425 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 426 |
</form>
|
| 427 |
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
| 428 |
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
| 429 |
<input type="hidden" name="miniorange_forgotphone"
|
| 430 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
| 431 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 432 |
</form>
|
| 433 |
<form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
|
| 434 |
<input type="hidden" name="miniorange_alternate_login_kba_nonce"
|
| 435 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
|
| 436 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 437 |
</form>
|
| 438 |
|
| 439 |
<script>
|
|
@@ -441,7 +451,7 @@ function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_
|
|
| 441 |
pollPushValidation();
|
| 442 |
|
| 443 |
function pollPushValidation() {
|
| 444 |
-
var transId = "<?php echo MO2f_Utility::
|
| 445 |
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
| 446 |
var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
|
| 447 |
|
|
@@ -486,7 +496,7 @@ function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_
|
|
| 486 |
<?php
|
| 487 |
}
|
| 488 |
|
| 489 |
-
function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode ) {
|
| 490 |
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
| 491 |
$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
|
| 492 |
?>
|
|
@@ -551,29 +561,33 @@ function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $
|
|
| 551 |
class="mo2f_display_none_forms">
|
| 552 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 553 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
|
|
|
| 554 |
</form>
|
| 555 |
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
| 556 |
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
| 557 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
| 558 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 559 |
</form>
|
| 560 |
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
| 561 |
<input type="hidden" name="miniorange_softtoken"
|
| 562 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
| 563 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 564 |
</form>
|
| 565 |
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
| 566 |
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
| 567 |
<input type="hidden" name="miniorange_forgotphone"
|
| 568 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
| 569 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 570 |
</form>
|
| 571 |
<script>
|
| 572 |
var timeout;
|
| 573 |
pollMobileValidation();
|
| 574 |
|
| 575 |
function pollMobileValidation() {
|
| 576 |
-
var transId = "<?php echo MO2f_Utility::
|
| 577 |
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
| 578 |
var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
|
| 579 |
jQuery.ajax({
|
|
@@ -623,7 +637,7 @@ function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $
|
|
| 623 |
<?php
|
| 624 |
}
|
| 625 |
|
| 626 |
-
function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to ) {
|
| 627 |
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
| 628 |
$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
|
| 629 |
?>
|
|
@@ -673,6 +687,7 @@ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $red
|
|
| 673 |
<input type="hidden" name="miniorange_soft_token_nonce"
|
| 674 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-soft-token-nonce' ); ?>"/>
|
| 675 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 676 |
</form>
|
| 677 |
<br>
|
| 678 |
<?php if ( ! $mo2f_is_new_customer ) { ?>
|
|
@@ -696,6 +711,7 @@ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $red
|
|
| 696 |
class="mo2f_display_none_forms">
|
| 697 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 698 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
|
|
|
| 699 |
</form>
|
| 700 |
<?php if ( get_option( 'mo2f_enable_forgotphone' ) && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
|
| 701 |
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" action="" class="mo2f_display_none_forms">
|
|
@@ -703,6 +719,7 @@ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $red
|
|
| 703 |
<input type="hidden" name="miniorange_forgotphone"
|
| 704 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
| 705 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 706 |
</form>
|
| 707 |
<?php } ?>
|
| 708 |
|
|
@@ -721,7 +738,7 @@ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $red
|
|
| 721 |
}
|
| 722 |
|
| 723 |
|
| 724 |
-
function mo2f_get_device_form( $redirect_to ) {
|
| 725 |
?>
|
| 726 |
<html>
|
| 727 |
<head>
|
|
@@ -776,16 +793,19 @@ function mo2f_get_device_form( $redirect_to ) {
|
|
| 776 |
class="mo2f_display_none_forms">
|
| 777 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 778 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
|
|
|
| 779 |
</form>
|
| 780 |
<form name="f" id="mo2f_trust_device_confirm_form" method="post" action="" class="mo2f_display_none_forms">
|
| 781 |
<input type="hidden" name="mo2f_trust_device_confirm_nonce"
|
| 782 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-confirm-nonce' ); ?>"/>
|
| 783 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 784 |
</form>
|
| 785 |
<form name="f" id="mo2f_trust_device_cancel_form" method="post" action="" class="mo2f_display_none_forms">
|
| 786 |
<input type="hidden" name="mo2f_trust_device_cancel_nonce"
|
| 787 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-cancel-nonce' ); ?>"/>
|
| 788 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
|
|
|
| 789 |
</form>
|
| 790 |
<script>
|
| 791 |
function mologinback() {
|
|
@@ -818,10 +838,10 @@ function mo2f_customize_logo() { ?>
|
|
| 818 |
function echo_js_css_files() {
|
| 819 |
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
| 820 |
echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) . '" ></script>';
|
| 821 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/bootstrap.min.css?version=5.
|
| 822 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/front_end_login.css?version=5.
|
| 823 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css?version=5.
|
| 824 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/hide-login.css?version=5.
|
| 825 |
|
| 826 |
if ( get_option( 'mo2f_personalization_ui' ) ) {
|
| 827 |
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/mo2f_login_popup_ui.css', __FILE__ ) . '" />';
|
| 1 |
<?php
|
| 2 |
+
function mo2f_collect_device_attributes_handler( $redirect_to = null,$session_id_encrypt ) {
|
| 3 |
?>
|
| 4 |
<html>
|
| 5 |
<head>
|
| 33 |
<input type="hidden" name="miniorange_attribute_collection_nonce"
|
| 34 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-attribute-collection-nonce' ); ?>"/>
|
| 35 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 36 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 37 |
</form>
|
| 38 |
</div>
|
| 39 |
</body>
|
| 162 |
return $mo2f_second_factor;
|
| 163 |
}
|
| 164 |
|
| 165 |
+
function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to, $session_id_encrypt ) {
|
| 166 |
$mo2f_forgotphone_enabled = get_option( 'mo2f_enable_forgotphone' );
|
| 167 |
$mo2f_email_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_email' );
|
| 168 |
$mo2f_kba_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_kba' );
|
| 222 |
class="mo2f_display_none_forms">
|
| 223 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 224 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
| 225 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 226 |
</form>
|
| 227 |
<form name="f" id="mo2f_challenge_forgotphone_form" method="post" class="mo2f_display_none_forms">
|
| 228 |
<input type="hidden" name="mo2f_configured_2FA_method"/>
|
| 229 |
<input type="hidden" name="miniorange_challenge_forgotphone_nonce"
|
| 230 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-challenge-forgotphone-nonce' ); ?>"/>
|
| 231 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 232 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 233 |
</form>
|
| 234 |
|
| 235 |
<script>
|
| 247 |
</html>
|
| 248 |
<?php }
|
| 249 |
|
| 250 |
+
function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to, $session_id_encrypt ) {
|
| 251 |
$mo2f_login_option = get_option( 'mo2f_login_option' );
|
| 252 |
$mo2f_remember_device_enabled = get_option( 'mo2f_remember_device' );
|
| 253 |
?>
|
| 281 |
<form name="f" id="mo2f_submitkba_loginform" method="post">
|
| 282 |
<div id="mo2f_kba_content">
|
| 283 |
<p style="font-size:15px;">
|
| 284 |
+
<?php $kba_questions = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2_factor_kba_questions',$session_id_encrypt );
|
| 285 |
echo $kba_questions[0]; ?><br>
|
| 286 |
<input class="mo2f-textbox" type="password" name="mo2f_answer_1" id="mo2f_answer_1"
|
| 287 |
required="true" autofocus="true"
|
| 313 |
<input type="hidden" name="miniorange_kba_nonce"
|
| 314 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-kba-nonce' ); ?>"/>
|
| 315 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 316 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 317 |
</form>
|
| 318 |
<br>
|
| 319 |
</div>
|
| 326 |
class="mo2f_display_none_forms">
|
| 327 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 328 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
| 329 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 330 |
</form>
|
| 331 |
|
| 332 |
<script>
|
| 340 |
<?php
|
| 341 |
}
|
| 342 |
|
| 343 |
+
function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_message, $redirect_to, $session_id_encrypt ) {
|
| 344 |
global $Mo2fdbQueries;
|
| 345 |
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
| 346 |
$mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $id );
|
| 418 |
class="mo2f_display_none_forms">
|
| 419 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 420 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
| 421 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 422 |
</form>
|
| 423 |
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
| 424 |
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
| 425 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
| 426 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 427 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 428 |
</form>
|
| 429 |
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
| 430 |
<input type="hidden" name="miniorange_softtoken"
|
| 431 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
| 432 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 433 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 434 |
</form>
|
| 435 |
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
| 436 |
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
| 437 |
<input type="hidden" name="miniorange_forgotphone"
|
| 438 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
| 439 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 440 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 441 |
</form>
|
| 442 |
<form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
|
| 443 |
<input type="hidden" name="miniorange_alternate_login_kba_nonce"
|
| 444 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
|
| 445 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 446 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 447 |
</form>
|
| 448 |
|
| 449 |
<script>
|
| 451 |
pollPushValidation();
|
| 452 |
|
| 453 |
function pollPushValidation() {
|
| 454 |
+
var transId = "<?php echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
|
| 455 |
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
| 456 |
var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
|
| 457 |
|
| 496 |
<?php
|
| 497 |
}
|
| 498 |
|
| 499 |
+
function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt ) {
|
| 500 |
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
| 501 |
$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
|
| 502 |
?>
|
| 561 |
class="mo2f_display_none_forms">
|
| 562 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 563 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
| 564 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 565 |
</form>
|
| 566 |
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
| 567 |
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
| 568 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
| 569 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 570 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 571 |
</form>
|
| 572 |
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
| 573 |
<input type="hidden" name="miniorange_softtoken"
|
| 574 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
| 575 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 576 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 577 |
</form>
|
| 578 |
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
| 579 |
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
| 580 |
<input type="hidden" name="miniorange_forgotphone"
|
| 581 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
| 582 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 583 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 584 |
</form>
|
| 585 |
<script>
|
| 586 |
var timeout;
|
| 587 |
pollMobileValidation();
|
| 588 |
|
| 589 |
function pollMobileValidation() {
|
| 590 |
+
var transId = "<?php echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
|
| 591 |
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
| 592 |
var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
|
| 593 |
jQuery.ajax({
|
| 637 |
<?php
|
| 638 |
}
|
| 639 |
|
| 640 |
+
function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to,$session_id_encrypt ) {
|
| 641 |
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
| 642 |
$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
|
| 643 |
?>
|
| 687 |
<input type="hidden" name="miniorange_soft_token_nonce"
|
| 688 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-soft-token-nonce' ); ?>"/>
|
| 689 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 690 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 691 |
</form>
|
| 692 |
<br>
|
| 693 |
<?php if ( ! $mo2f_is_new_customer ) { ?>
|
| 711 |
class="mo2f_display_none_forms">
|
| 712 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 713 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
| 714 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 715 |
</form>
|
| 716 |
<?php if ( get_option( 'mo2f_enable_forgotphone' ) && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
|
| 717 |
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" action="" class="mo2f_display_none_forms">
|
| 719 |
<input type="hidden" name="miniorange_forgotphone"
|
| 720 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
| 721 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 722 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 723 |
</form>
|
| 724 |
<?php } ?>
|
| 725 |
|
| 738 |
}
|
| 739 |
|
| 740 |
|
| 741 |
+
function mo2f_get_device_form( $redirect_to, $session_id_encrypt ) {
|
| 742 |
?>
|
| 743 |
<html>
|
| 744 |
<head>
|
| 793 |
class="mo2f_display_none_forms">
|
| 794 |
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 795 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
| 796 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 797 |
</form>
|
| 798 |
<form name="f" id="mo2f_trust_device_confirm_form" method="post" action="" class="mo2f_display_none_forms">
|
| 799 |
<input type="hidden" name="mo2f_trust_device_confirm_nonce"
|
| 800 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-confirm-nonce' ); ?>"/>
|
| 801 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 802 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 803 |
</form>
|
| 804 |
<form name="f" id="mo2f_trust_device_cancel_form" method="post" action="" class="mo2f_display_none_forms">
|
| 805 |
<input type="hidden" name="mo2f_trust_device_cancel_nonce"
|
| 806 |
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-cancel-nonce' ); ?>"/>
|
| 807 |
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
| 808 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
| 809 |
</form>
|
| 810 |
<script>
|
| 811 |
function mologinback() {
|
| 838 |
function echo_js_css_files() {
|
| 839 |
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
| 840 |
echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) . '" ></script>';
|
| 841 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/bootstrap.min.css?version=5.1.6', __FILE__ ) . '" />';
|
| 842 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/front_end_login.css?version=5.1.6', __FILE__ ) . '" />';
|
| 843 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css?version=5.1.6', __FILE__ ) . '" />';
|
| 844 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/hide-login.css?version=5.1.6', __FILE__ ) . '" />';
|
| 845 |
|
| 846 |
if ( get_option( 'mo2f_personalization_ui' ) ) {
|
| 847 |
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/mo2f_login_popup_ui.css', __FILE__ ) . '" />';
|
miniorange_2_factor_configuration.php
CHANGED
|
@@ -204,9 +204,10 @@ function mo2f_show_registration_page( $user ) {
|
|
| 204 |
<td><b><span class="impt">*</span><?php echo mo2f_lt( 'Confirm Password :' ); ?></b></td>
|
| 205 |
<td><input class="mo2f_table_textbox" type="password" required name="confirmPassword"/></td>
|
| 206 |
</tr>
|
|
|
|
| 207 |
<td> </td>
|
| 208 |
-
<td><input type="submit" name="submit" style="float:right"
|
| 209 |
-
value="<?php echo mo2f_lt( '
|
| 210 |
class="button button-primary button-large"/></td>
|
| 211 |
</tr>
|
| 212 |
</table>
|
| 204 |
<td><b><span class="impt">*</span><?php echo mo2f_lt( 'Confirm Password :' ); ?></b></td>
|
| 205 |
<td><input class="mo2f_table_textbox" type="password" required name="confirmPassword"/></td>
|
| 206 |
</tr>
|
| 207 |
+
<tr>
|
| 208 |
<td> </td>
|
| 209 |
+
<td><input type="submit" name="submit" style="float:right;"
|
| 210 |
+
value="<?php echo mo2f_lt( 'Continue' ); ?>"
|
| 211 |
class="button button-primary button-large"/></td>
|
| 212 |
</tr>
|
| 213 |
</table>
|
miniorange_2_factor_mobile_configuration.php
CHANGED
|
@@ -409,6 +409,7 @@ function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
|
|
| 409 |
|
| 410 |
switch ( $selected2FAmethod ) {
|
| 411 |
case "Google Authenticator":
|
|
|
|
| 412 |
mo2f_configure_google_authenticator( $user );
|
| 413 |
break;
|
| 414 |
case "Authy Authenticator":
|
|
@@ -423,8 +424,15 @@ function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
|
|
| 423 |
case "OTP Over SMS":
|
| 424 |
mo2f_configure_otp_over_sms( $user );
|
| 425 |
break;
|
| 426 |
-
|
|
|
|
|
|
|
|
|
|
| 427 |
mo2f_configure_miniorange_authenticator( $user );
|
|
|
|
|
|
|
|
|
|
|
|
|
| 428 |
}
|
| 429 |
|
| 430 |
}
|
|
@@ -460,14 +468,8 @@ function mo2f_show_2FA_test_screen( $user, $selected2FAmethod ) {
|
|
| 460 |
function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
|
| 461 |
global $Mo2fdbQueries;
|
| 462 |
|
| 463 |
-
$user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
|
| 464 |
-
|
| 465 |
$is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
|
| 466 |
$configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
| 467 |
-
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 468 |
-
$is_2FA_configured = $configured_2FA_method == 'NONE' ? 0 : 1;
|
| 469 |
-
|
| 470 |
-
$selectedMethod = $mo2f_second_factor;
|
| 471 |
|
| 472 |
if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
| 473 |
$app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
|
|
@@ -522,48 +524,13 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
|
|
| 522 |
?>
|
| 523 |
<div class="mo2f_setup_2_factor_tab">
|
| 524 |
|
| 525 |
-
<p style="float:right;">
|
| 526 |
|
| 527 |
<?php if( $selectedMethod == 'NONE' ) { ?>
|
| 528 |
<p style="float:left;" ><span style="color:limegreen;font-weight:bold"><?php echo mo2f_lt( 'HOW DO I CONFIGURE 2FA?' ); ?></span>
|
| 529 |
<br>Just click on <b>Configure</b> of your preferred authentication method below.</p><br>
|
| 530 |
|
| 531 |
<?php } ?>
|
| 532 |
-
|
| 533 |
-
<?php if ( $is_NC && ! get_option( 'mo2f_is_NNC' ) ) {
|
| 534 |
-
if ( $can_display_admin_features ) { ?>
|
| 535 |
-
<div style="float:right;">
|
| 536 |
-
<form name="f" method="post" action="" id="mo2f_enable_2FA_for_users_form">
|
| 537 |
-
<input type="hidden" name="option" value="mo2f_enable_2FA_for_users_option"/>
|
| 538 |
-
|
| 539 |
-
<input type="checkbox" id="mo2f_enable_2fa_for_users" name="mo2f_enable_2fa_for_users"
|
| 540 |
-
value="1" <?php checked( get_option( 'mo2f_enable_2fa_for_users' ) == 1 );
|
| 541 |
-
|
| 542 |
-
if ( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ) != 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
| 543 |
-
echo 'disabled';
|
| 544 |
-
} ?> onChange="this.form.submit()"/>
|
| 545 |
-
<?php echo mo2f_lt( 'Enable 2-factor Authentication for Users' ); ?>
|
| 546 |
-
</form>
|
| 547 |
-
</div>
|
| 548 |
-
<?php } else { ?>
|
| 549 |
-
<div style="float:right;">
|
| 550 |
-
<form name="f" method="post" action="" id="mo2f_enable_2FA_form">
|
| 551 |
-
<input type="hidden" name="option" value="mo2f_enable_2FA_option"/>
|
| 552 |
-
|
| 553 |
-
<input type="checkbox" id="mo2f_enable_2fa" name="mo2f_enable_2fa"
|
| 554 |
-
value="1" <?php checked( get_option( 'mo2f_enable_2fa' ) == 1 );
|
| 555 |
-
|
| 556 |
-
if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
|
| 557 |
-
'MO_2_FACTOR_PLUGIN_SETTINGS',
|
| 558 |
-
'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
|
| 559 |
-
) ) ) {
|
| 560 |
-
echo 'disabled';
|
| 561 |
-
} ?> onChange="this.form.submit()"/>
|
| 562 |
-
<?php echo mo2f_lt( 'Enable 2-factor Authentication' ); ?>
|
| 563 |
-
</form>
|
| 564 |
-
</div>
|
| 565 |
-
<?php }
|
| 566 |
-
} ?>
|
| 567 |
<br><br>
|
| 568 |
|
| 569 |
<div style="text-align: center;">
|
|
@@ -624,11 +591,13 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
|
|
| 624 |
);
|
| 625 |
|
| 626 |
$standard_plan_existing_user = array(
|
|
|
|
| 627 |
"OTP Over Email",
|
| 628 |
"OTP Over SMS and Email"
|
| 629 |
);
|
| 630 |
|
| 631 |
$standard_plan_new_user = array(
|
|
|
|
| 632 |
"Email Verification",
|
| 633 |
"OTP Over SMS",
|
| 634 |
"OTP Over Email",
|
|
@@ -643,17 +612,47 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
|
|
| 643 |
|
| 644 |
$free_plan_methods_existing_user = array_chunk( $free_plan_existing_user, 3 );
|
| 645 |
$free_plan_methods_new_user = array_chunk( $free_plan_new_user, 3 );
|
| 646 |
-
$standard_plan_methods_existing_user = array_chunk(
|
| 647 |
-
|
| 648 |
-
$
|
| 649 |
-
), 3 );
|
| 650 |
-
$premium_plan_methods_existing_user = array_chunk( array_merge( $free_plan_existing_user,
|
| 651 |
-
$standard_plan_existing_user, $premium_plan ), 3 );
|
| 652 |
-
$premium_plan_methods_new_user = array_chunk( array_merge( $free_plan_new_user,
|
| 653 |
-
$standard_plan_new_user, $premium_plan ), 3 );
|
| 654 |
?>
|
| 655 |
<hr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 656 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 657 |
<div class="mo2f_setup_2factor_tab">
|
| 658 |
|
| 659 |
<div>
|
|
@@ -684,7 +683,6 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
|
|
| 684 |
*</p>
|
| 685 |
</a>
|
| 686 |
<?php echo mo2f_create_2fa_form( $user, "standard_plan", $is_NC ? $standard_plan_methods_new_user : $standard_plan_methods_existing_user ); ?>
|
| 687 |
-
|
| 688 |
</div>
|
| 689 |
<hr>
|
| 690 |
<div>
|
|
@@ -787,6 +785,7 @@ function mo2f_create_2fa_form( $user, $category, $auth_methods, $can_display_adm
|
|
| 787 |
);
|
| 788 |
|
| 789 |
$two_factor_methods_descriptions = array(
|
|
|
|
| 790 |
"miniOrange QR Code Authentication" => "Scan the QR code from the account in your miniOrange Authenticator App to login.",
|
| 791 |
"miniOrange Soft Token" => "Enter the soft token from the account in your miniOrange Authenticator App to login.",
|
| 792 |
"miniOrange Push Notification" => "Accept a push notification in your miniOrange Authenticator App to login.",
|
|
@@ -814,7 +813,9 @@ function mo2f_create_2fa_form( $user, $category, $auth_methods, $can_display_adm
|
|
| 814 |
<div id="mo2f_' . $category . '_auth_methods" style="background-color: #f1f1f1;">
|
| 815 |
<br>
|
| 816 |
<table class="mo2f_auth_methods_table">';
|
|
|
|
| 817 |
for ( $i = 0; $i < count( $auth_methods ); $i ++ ) {
|
|
|
|
| 818 |
$form .= '<tr>';
|
| 819 |
for ( $j = 0; $j < count( $auth_methods[ $i ] ); $j ++ ) {
|
| 820 |
$auth_method = $auth_methods[ $i ][ $j ];
|
|
@@ -830,18 +831,22 @@ function mo2f_create_2fa_form( $user, $category, $auth_methods, $can_display_adm
|
|
| 830 |
|
| 831 |
|
| 832 |
$thumbnail_height = $is_auth_method_av && $category == 'free_plan' ? 190 : 160;
|
| 833 |
-
|
| 834 |
|
| 835 |
-
|
| 836 |
-
<div class="mo2f_thumbnail" style="height:' . $thumbnail_height . 'px;border-color
|
| 837 |
<div><div>
|
| 838 |
-
<div style="width: 80px; float:left;">
|
| 839 |
-
|
| 840 |
-
|
| 841 |
-
|
|
|
|
|
|
|
|
|
|
| 842 |
<div style="width:190px; padding:20px;font-size:14px;overflow: hidden;"><b>' . $auth_method .
|
| 843 |
'</b><br>
|
| 844 |
<p style="padding:5px; padding-left:0px;"> ' . $two_factor_methods_descriptions[ $auth_method ] . '</p>
|
|
|
|
| 845 |
</div>
|
| 846 |
</div>
|
| 847 |
</div>';
|
|
@@ -868,15 +873,24 @@ function mo2f_create_2fa_form( $user, $category, $auth_methods, $can_display_adm
|
|
| 868 |
$form .= '>Set as 2-factor</button>
|
| 869 |
</div>';
|
| 870 |
}
|
|
|
|
| 871 |
$form .= '</div>';
|
|
|
|
| 872 |
}
|
| 873 |
$form .= '</div></div></td>';
|
| 874 |
}
|
|
|
|
| 875 |
$form .= '</tr>';
|
| 876 |
}
|
| 877 |
|
| 878 |
-
|
| 879 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 880 |
<input type="hidden" name="option" value="mo2f_save_' . $category . '_auth_methods" />
|
| 881 |
<input type="hidden" name="mo2f_configured_2FA_method_' . $category . '" id="mo2f_configured_2FA_method_' . $category . '" />
|
| 882 |
<input type="hidden" name="mo2f_selected_action_' . $category . '" id="mo2f_selected_action_' . $category . '" />
|
| 409 |
|
| 410 |
switch ( $selected2FAmethod ) {
|
| 411 |
case "Google Authenticator":
|
| 412 |
+
Miniorange_Authentication::mo2f_get_GA_parameters($user);
|
| 413 |
mo2f_configure_google_authenticator( $user );
|
| 414 |
break;
|
| 415 |
case "Authy Authenticator":
|
| 424 |
case "OTP Over SMS":
|
| 425 |
mo2f_configure_otp_over_sms( $user );
|
| 426 |
break;
|
| 427 |
+
case "miniOrange Soft Token":
|
| 428 |
+
mo2f_configure_miniorange_authenticator( $user );
|
| 429 |
+
break;
|
| 430 |
+
case "miniOrange QR Code Authentication":
|
| 431 |
mo2f_configure_miniorange_authenticator( $user );
|
| 432 |
+
break;
|
| 433 |
+
case "miniOrange Push Notification":
|
| 434 |
+
mo2f_configure_miniorange_authenticator( $user );
|
| 435 |
+
break;
|
| 436 |
}
|
| 437 |
|
| 438 |
}
|
| 468 |
function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
|
| 469 |
global $Mo2fdbQueries;
|
| 470 |
|
|
|
|
|
|
|
| 471 |
$is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
|
| 472 |
$configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
|
|
|
|
|
|
|
|
|
|
|
|
| 473 |
|
| 474 |
if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
| 475 |
$app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
|
| 524 |
?>
|
| 525 |
<div class="mo2f_setup_2_factor_tab">
|
| 526 |
|
| 527 |
+
<p style="float:right;">If you could not complete the setup process, <a style="font-weight:bold; color:limegreen" href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_support">click here</a> for help.</p>
|
| 528 |
|
| 529 |
<?php if( $selectedMethod == 'NONE' ) { ?>
|
| 530 |
<p style="float:left;" ><span style="color:limegreen;font-weight:bold"><?php echo mo2f_lt( 'HOW DO I CONFIGURE 2FA?' ); ?></span>
|
| 531 |
<br>Just click on <b>Configure</b> of your preferred authentication method below.</p><br>
|
| 532 |
|
| 533 |
<?php } ?>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 534 |
<br><br>
|
| 535 |
|
| 536 |
<div style="text-align: center;">
|
| 591 |
);
|
| 592 |
|
| 593 |
$standard_plan_existing_user = array(
|
| 594 |
+
"",
|
| 595 |
"OTP Over Email",
|
| 596 |
"OTP Over SMS and Email"
|
| 597 |
);
|
| 598 |
|
| 599 |
$standard_plan_new_user = array(
|
| 600 |
+
"",
|
| 601 |
"Email Verification",
|
| 602 |
"OTP Over SMS",
|
| 603 |
"OTP Over Email",
|
| 612 |
|
| 613 |
$free_plan_methods_existing_user = array_chunk( $free_plan_existing_user, 3 );
|
| 614 |
$free_plan_methods_new_user = array_chunk( $free_plan_new_user, 3 );
|
| 615 |
+
$standard_plan_methods_existing_user = array_chunk( $standard_plan_existing_user, 3 );
|
| 616 |
+
$standard_plan_methods_new_user = array_chunk( $standard_plan_new_user, 3 );
|
| 617 |
+
$premium_plan_methods_existing_user = array_chunk( array_merge( $standard_plan_existing_user, $premium_plan ), 3 );
|
| 618 |
+
$premium_plan_methods_new_user = array_chunk( array_merge( $standard_plan_new_user, $premium_plan ), 3 );
|
|
|
|
|
|
|
|
|
|
|
|
|
| 619 |
?>
|
| 620 |
<hr>
|
| 621 |
+
<?php if ( $is_NC && ! get_option( 'mo2f_is_NNC' ) ) {
|
| 622 |
+
if ( $can_display_admin_features ) { ?>
|
| 623 |
+
<br>
|
| 624 |
+
<div style="float:right;">
|
| 625 |
+
<form name="f" method="post" action="" id="mo2f_enable_2FA_for_users_form">
|
| 626 |
+
<input type="hidden" name="option" value="mo2f_enable_2FA_for_users_option"/>
|
| 627 |
+
|
| 628 |
+
<input type="checkbox" id="mo2f_enable_2fa_for_users" name="mo2f_enable_2fa_for_users"
|
| 629 |
+
value="1" <?php checked( get_option( 'mo2f_enable_2fa_for_users' ) == 1 );
|
| 630 |
|
| 631 |
+
if ( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ) != 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
| 632 |
+
echo 'disabled';
|
| 633 |
+
} ?> onChange="this.form.submit()"/>
|
| 634 |
+
<?php echo mo2f_lt( 'Enable 2-factor Authentication for Users' ); ?>
|
| 635 |
+
</form>
|
| 636 |
+
</div>
|
| 637 |
+
<?php } else { ?>
|
| 638 |
+
<div style="float:right;">
|
| 639 |
+
<form name="f" method="post" action="" id="mo2f_enable_2FA_form">
|
| 640 |
+
<input type="hidden" name="option" value="mo2f_enable_2FA_option"/>
|
| 641 |
+
|
| 642 |
+
<input type="checkbox" id="mo2f_enable_2fa" name="mo2f_enable_2fa"
|
| 643 |
+
value="1" <?php checked( get_option( 'mo2f_enable_2fa' ) == 1 );
|
| 644 |
+
|
| 645 |
+
if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
|
| 646 |
+
'MO_2_FACTOR_PLUGIN_SETTINGS',
|
| 647 |
+
'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
|
| 648 |
+
) ) ) {
|
| 649 |
+
echo 'disabled';
|
| 650 |
+
} ?> onChange="this.form.submit()"/>
|
| 651 |
+
<?php echo mo2f_lt( 'Enable 2-factor Authentication' ); ?>
|
| 652 |
+
</form>
|
| 653 |
+
</div>
|
| 654 |
+
<?php }
|
| 655 |
+
} ?>
|
| 656 |
<div class="mo2f_setup_2factor_tab">
|
| 657 |
|
| 658 |
<div>
|
| 683 |
*</p>
|
| 684 |
</a>
|
| 685 |
<?php echo mo2f_create_2fa_form( $user, "standard_plan", $is_NC ? $standard_plan_methods_new_user : $standard_plan_methods_existing_user ); ?>
|
|
|
|
| 686 |
</div>
|
| 687 |
<hr>
|
| 688 |
<div>
|
| 785 |
);
|
| 786 |
|
| 787 |
$two_factor_methods_descriptions = array(
|
| 788 |
+
""=>"<b>All methods in the FREE Plan in addition to the following methods.</b>",
|
| 789 |
"miniOrange QR Code Authentication" => "Scan the QR code from the account in your miniOrange Authenticator App to login.",
|
| 790 |
"miniOrange Soft Token" => "Enter the soft token from the account in your miniOrange Authenticator App to login.",
|
| 791 |
"miniOrange Push Notification" => "Accept a push notification in your miniOrange Authenticator App to login.",
|
| 813 |
<div id="mo2f_' . $category . '_auth_methods" style="background-color: #f1f1f1;">
|
| 814 |
<br>
|
| 815 |
<table class="mo2f_auth_methods_table">';
|
| 816 |
+
|
| 817 |
for ( $i = 0; $i < count( $auth_methods ); $i ++ ) {
|
| 818 |
+
|
| 819 |
$form .= '<tr>';
|
| 820 |
for ( $j = 0; $j < count( $auth_methods[ $i ] ); $j ++ ) {
|
| 821 |
$auth_method = $auth_methods[ $i ][ $j ];
|
| 831 |
|
| 832 |
|
| 833 |
$thumbnail_height = $is_auth_method_av && $category == 'free_plan' ? 190 : 160;
|
| 834 |
+
$is_image = $auth_method == "" ? 0 :1;
|
| 835 |
|
| 836 |
+
$form .= '<td>
|
| 837 |
+
<div class="mo2f_thumbnail" style="height:' . $thumbnail_height . 'px;border-color:#ddd;">
|
| 838 |
<div><div>
|
| 839 |
+
<div style="width: 80px; float:left;">';
|
| 840 |
+
|
| 841 |
+
if($is_image){
|
| 842 |
+
$form .= '<img src="' . plugins_url( "includes/images/authmethods/" . $auth_method_abr . ".png", __FILE__ ) . '" style="width: 50px;height: 50px !important; padding: 20px; line-height: 80px;" />';
|
| 843 |
+
}
|
| 844 |
+
|
| 845 |
+
$form .= '</div>
|
| 846 |
<div style="width:190px; padding:20px;font-size:14px;overflow: hidden;"><b>' . $auth_method .
|
| 847 |
'</b><br>
|
| 848 |
<p style="padding:5px; padding-left:0px;"> ' . $two_factor_methods_descriptions[ $auth_method ] . '</p>
|
| 849 |
+
|
| 850 |
</div>
|
| 851 |
</div>
|
| 852 |
</div>';
|
| 873 |
$form .= '>Set as 2-factor</button>
|
| 874 |
</div>';
|
| 875 |
}
|
| 876 |
+
|
| 877 |
$form .= '</div>';
|
| 878 |
+
|
| 879 |
}
|
| 880 |
$form .= '</div></div></td>';
|
| 881 |
}
|
| 882 |
+
|
| 883 |
$form .= '</tr>';
|
| 884 |
}
|
| 885 |
|
| 886 |
+
|
| 887 |
+
$form .= '</table>';
|
| 888 |
+
if( $category!="free_plan")
|
| 889 |
+
$form .= '<div style="background-color: #f1f1f1;padding:10px">
|
| 890 |
+
<p style="font-size:16px;margin-left: 1%">In addition to these authentication methods, for other features in this plan, <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing"><i>Click here.</i></a></p>
|
| 891 |
+
</div>';
|
| 892 |
+
|
| 893 |
+
$form .= '</div>
|
| 894 |
<input type="hidden" name="option" value="mo2f_save_' . $category . '_auth_methods" />
|
| 895 |
<input type="hidden" name="mo2f_configured_2FA_method_' . $category . '" id="mo2f_configured_2FA_method_' . $category . '" />
|
| 896 |
<input type="hidden" name="mo2f_selected_action_' . $category . '" id="mo2f_selected_action_' . $category . '" />
|
miniorange_2_factor_settings.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: miniOrange 2 Factor Authentication
|
| 4 |
* Plugin URI: https://miniorange.com
|
| 5 |
* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
|
| 6 |
-
* Version: 5.1.
|
| 7 |
* Author: miniOrange
|
| 8 |
* Author URI: https://miniorange.com
|
| 9 |
* License: GPL2
|
|
@@ -15,6 +15,7 @@ include_once dirname( __FILE__ ) . '/class-two-factor-setup.php';
|
|
| 15 |
include_once dirname( __FILE__ ) . '/class-customer-setup.php';
|
| 16 |
include_once dirname( __FILE__ ) . '/database/database_functions.php';
|
| 17 |
include dirname( __FILE__ ) . '/views/feedback_form.php';
|
|
|
|
| 18 |
include dirname( __FILE__ ) . '/views/customer_registration.php';
|
| 19 |
require( 'class-utility.php' );
|
| 20 |
require( 'class-mo2f-constants.php' );
|
|
@@ -94,7 +95,7 @@ class Miniorange_Authentication {
|
|
| 94 |
add_action( 'mo2f_shortcode_form_fields', array(
|
| 95 |
$pass2fa_login,
|
| 96 |
'miniorange_pass2login_form_fields'
|
| 97 |
-
), 10,
|
| 98 |
add_filter( 'mo2f_gauth_service', array( $mo2f_rba_attributes, 'mo2f_google_auth_service' ), 10, 1 );
|
| 99 |
|
| 100 |
|
|
@@ -171,7 +172,7 @@ class Miniorange_Authentication {
|
|
| 171 |
|
| 172 |
function mo2f_update_db_check() {
|
| 173 |
|
| 174 |
-
|
| 175 |
$user_id = get_option( 'mo2f_miniorange_admin' );
|
| 176 |
|
| 177 |
if ( ! get_option( 'mo2f_existing_user_values_updated' ) ) {
|
|
@@ -276,6 +277,14 @@ class Miniorange_Authentication {
|
|
| 276 |
}
|
| 277 |
|
| 278 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 279 |
}
|
| 280 |
|
| 281 |
|
|
@@ -425,20 +434,20 @@ class Miniorange_Authentication {
|
|
| 425 |
}
|
| 426 |
|
| 427 |
function mo_2_factor_enable_frontend_style() {
|
| 428 |
-
wp_enqueue_style( 'mo2f_frontend_login_style', plugins_url( 'includes/css/front_end_login.css?version=5.1.
|
| 429 |
-
wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.
|
| 430 |
-
wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.
|
| 431 |
wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
|
| 432 |
-
wp_enqueue_style( 'mo2f_login_popup_style', plugins_url( 'includes/css/mo2f_login_popup_ui.css?version=5.1.
|
| 433 |
}
|
| 434 |
|
| 435 |
function plugin_settings_style( $mo2fa_hook_page ) {
|
| 436 |
if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
|
| 437 |
return;
|
| 438 |
}
|
| 439 |
-
wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.
|
| 440 |
-
wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.
|
| 441 |
-
wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.
|
| 442 |
wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
|
| 443 |
}
|
| 444 |
|
|
@@ -523,16 +532,16 @@ class Miniorange_Authentication {
|
|
| 523 |
update_option( 'mo2f_password', stripslashes( $password ) );
|
| 524 |
$customer = new Customer_Setup();
|
| 525 |
$customerKey = json_decode( $customer->check_customer(), true );
|
|
|
|
| 526 |
if ( strcasecmp( $customerKey['status'], 'CUSTOMER_NOT_FOUND' ) == 0 ) {
|
| 527 |
if ( $customerKey['status'] == 'ERROR' ) {
|
| 528 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
|
| 529 |
-
|
| 530 |
} else {
|
| 531 |
-
|
| 532 |
$this->mo2f_create_customer( $user );
|
| 533 |
delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
|
| 534 |
delete_user_meta( $user->ID, 'register_account' );
|
| 535 |
-
|
|
|
|
| 536 |
|
| 537 |
}
|
| 538 |
} else { //customer already exists, redirect him to login page
|
|
@@ -671,7 +680,7 @@ class Miniorange_Authentication {
|
|
| 671 |
if ( ! empty( $mo2f_customer_selected_plan ) ) {
|
| 672 |
delete_option( 'mo2f_customer_selected_plan' );
|
| 673 |
header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' );
|
| 674 |
-
} else {
|
| 675 |
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
| 676 |
}
|
| 677 |
|
|
@@ -958,9 +967,19 @@ class Miniorange_Authentication {
|
|
| 958 |
if ( ! in_array( $_POST['deactivate_plugin'], $reasons_not_to_worry_about ) ) {
|
| 959 |
|
| 960 |
$message .= $_POST['deactivate_plugin'];
|
|
|
|
| 961 |
if ( $_POST['query_feedback'] != '' ) {
|
| 962 |
$message .= ':' . $_POST['query_feedback'];
|
| 963 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 964 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 965 |
if ( $email == '' ) {
|
| 966 |
$email = $user->user_email;
|
|
@@ -1043,10 +1062,6 @@ class Miniorange_Authentication {
|
|
| 1043 |
|
| 1044 |
$selectedMethod = $TwoFA_method_to_configure;
|
| 1045 |
|
| 1046 |
-
$message = '<b> ' . Mo2fConstants:: langTranslate( $selectedMethod ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
|
| 1047 |
-
'<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
|
| 1048 |
-
update_option( 'mo2f_message', $message );
|
| 1049 |
-
|
| 1050 |
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
| 1051 |
|
| 1052 |
|
|
@@ -1067,7 +1082,7 @@ class Miniorange_Authentication {
|
|
| 1067 |
}
|
| 1068 |
|
| 1069 |
delete_user_meta( $user->ID, 'configure_2FA' );
|
| 1070 |
-
$
|
| 1071 |
|
| 1072 |
} else {
|
| 1073 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
|
@@ -1361,29 +1376,6 @@ class Miniorange_Authentication {
|
|
| 1361 |
}
|
| 1362 |
}
|
| 1363 |
|
| 1364 |
-
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_google_auth_phone_type' ) {
|
| 1365 |
-
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 1366 |
-
$phone_type = $_POST['mo2f_app_type_radio'];
|
| 1367 |
-
$google_auth = new Miniorange_Rba_Attributes();
|
| 1368 |
-
$google_response = json_decode( $google_auth->mo2f_google_auth_service( $email ), true );
|
| 1369 |
-
if ( json_last_error() == JSON_ERROR_NONE ) {
|
| 1370 |
-
if ( $google_response['status'] == 'SUCCESS' ) {
|
| 1371 |
-
$mo2f_google_auth = array();
|
| 1372 |
-
$mo2f_google_auth['ga_qrCode'] = $google_response['qrCodeData'];
|
| 1373 |
-
$mo2f_google_auth['ga_secret'] = $google_response['secret'];
|
| 1374 |
-
$mo2f_google_auth['ga_phone'] = $phone_type;
|
| 1375 |
-
$_SESSION['mo2f_google_auth'] = $mo2f_google_auth;
|
| 1376 |
-
} else {
|
| 1377 |
-
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
| 1378 |
-
$this->mo_auth_show_error_message();
|
| 1379 |
-
}
|
| 1380 |
-
} else {
|
| 1381 |
-
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
| 1382 |
-
$this->mo_auth_show_error_message();
|
| 1383 |
-
|
| 1384 |
-
}
|
| 1385 |
-
}
|
| 1386 |
-
|
| 1387 |
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_google_authenticator_validate' ) {
|
| 1388 |
$otpToken = $_POST['google_token'];
|
| 1389 |
$ga_secret = isset( $_POST['google_auth_secret'] ) ? $_POST['google_auth_secret'] : null;
|
|
@@ -1414,11 +1406,7 @@ class Miniorange_Authentication {
|
|
| 1414 |
) );
|
| 1415 |
|
| 1416 |
update_user_meta( $user->ID, 'mo2f_external_app_type', "Google Authenticator" );
|
| 1417 |
-
$
|
| 1418 |
-
'<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
|
| 1419 |
-
update_option( 'mo2f_message', $message );
|
| 1420 |
-
$this->mo_auth_show_success_message();
|
| 1421 |
-
|
| 1422 |
|
| 1423 |
} else {
|
| 1424 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
|
@@ -1490,14 +1478,10 @@ class Miniorange_Authentication {
|
|
| 1490 |
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
| 1491 |
) );
|
| 1492 |
update_user_meta( $user->ID, 'mo2f_external_app_type', "Authy Authenticator" );
|
| 1493 |
-
$message = '<b>Authy 2-Factor Authentication</b> has been set as your 2nd factor method.' .
|
| 1494 |
-
'<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
|
| 1495 |
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
| 1496 |
delete_user_meta( $user->ID, 'configure_2FA' );
|
| 1497 |
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
|
| 1498 |
-
|
| 1499 |
-
$this->mo_auth_show_success_message();
|
| 1500 |
-
|
| 1501 |
|
| 1502 |
} else {
|
| 1503 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
|
@@ -1585,12 +1569,7 @@ class Miniorange_Authentication {
|
|
| 1585 |
'mo_2factor_user_registration_status' => "MO_2_FACTOR_PLUGIN_SETTINGS"
|
| 1586 |
) );
|
| 1587 |
|
| 1588 |
-
$
|
| 1589 |
-
$message = '<b> ' . $authType . ' </b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
|
| 1590 |
-
'<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
|
| 1591 |
-
update_option( 'mo2f_message', $message );
|
| 1592 |
-
|
| 1593 |
-
$this->mo_auth_show_success_message();
|
| 1594 |
|
| 1595 |
} else {
|
| 1596 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
|
@@ -1765,10 +1744,7 @@ class Miniorange_Authentication {
|
|
| 1765 |
MO2f_Utility::unset_session_variables( 'user_phone' );
|
| 1766 |
delete_option( 'user_phone_temp' );
|
| 1767 |
|
| 1768 |
-
$
|
| 1769 |
-
'<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
|
| 1770 |
-
update_option( 'mo2f_message', $message );
|
| 1771 |
-
$this->mo_auth_show_success_message();
|
| 1772 |
} else {
|
| 1773 |
MO2f_Utility::unset_session_variables( 'user_phone' );
|
| 1774 |
delete_option( 'user_phone_temp' );
|
|
@@ -1807,17 +1783,6 @@ class Miniorange_Authentication {
|
|
| 1807 |
$user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
| 1808 |
}
|
| 1809 |
|
| 1810 |
-
|
| 1811 |
-
if ( ! $is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
|
| 1812 |
-
"Google Authenticator",
|
| 1813 |
-
"miniOrange Soft Token",
|
| 1814 |
-
"Authy Authenticator"
|
| 1815 |
-
) ) ) {
|
| 1816 |
-
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
|
| 1817 |
-
} else {
|
| 1818 |
-
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
|
| 1819 |
-
}
|
| 1820 |
-
|
| 1821 |
// set it as his 2-factor in the WP database and server
|
| 1822 |
if ( $selected_action == "select2factor" ) {
|
| 1823 |
|
|
@@ -1830,6 +1795,17 @@ class Miniorange_Authentication {
|
|
| 1830 |
|
| 1831 |
// update the server
|
| 1832 |
$this->mo2f_save_2_factor_method( $user, $selected_2FA_method );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1833 |
}
|
| 1834 |
|
| 1835 |
} else if ( $selected_action == "configure2factor" ) {
|
|
@@ -2053,6 +2029,7 @@ class Miniorange_Authentication {
|
|
| 2053 |
|
| 2054 |
function mo2f_delete_mo_options() {
|
| 2055 |
delete_option( 'mo2f_email' );
|
|
|
|
| 2056 |
delete_option( 'mo2f_host_name' );
|
| 2057 |
delete_option( 'user_phone' );
|
| 2058 |
//delete_option( 'mo2f_customerKey' );
|
|
@@ -2074,7 +2051,6 @@ class Miniorange_Authentication {
|
|
| 2074 |
delete_option( 'mo2f_proxy_username' );
|
| 2075 |
delete_option( 'mo2f_proxy_password' );
|
| 2076 |
delete_option( 'mo2f_customer_selected_plan' );
|
| 2077 |
-
|
| 2078 |
}
|
| 2079 |
|
| 2080 |
function mo_auth_show_success_message() {
|
|
@@ -2195,6 +2171,28 @@ class Miniorange_Authentication {
|
|
| 2195 |
}
|
| 2196 |
}
|
| 2197 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2198 |
function mo_auth_show_error_message() {
|
| 2199 |
remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
|
| 2200 |
add_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
|
|
@@ -2373,6 +2371,7 @@ class Miniorange_Authentication {
|
|
| 2373 |
update_option( 'mo2f_is_NC', 1 );
|
| 2374 |
update_option( 'mo2f_is_NNC', 1 );
|
| 2375 |
}
|
|
|
|
| 2376 |
update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
|
| 2377 |
global $Mo2fdbQueries;
|
| 2378 |
$Mo2fdbQueries->mo_plugin_activate();
|
|
@@ -2409,4 +2408,4 @@ function mo2f_is_customer_registered() {
|
|
| 2409 |
|
| 2410 |
|
| 2411 |
new Miniorange_Authentication;
|
| 2412 |
-
?>
|
| 3 |
* Plugin Name: miniOrange 2 Factor Authentication
|
| 4 |
* Plugin URI: https://miniorange.com
|
| 5 |
* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
|
| 6 |
+
* Version: 5.1.6
|
| 7 |
* Author: miniOrange
|
| 8 |
* Author URI: https://miniorange.com
|
| 9 |
* License: GPL2
|
| 15 |
include_once dirname( __FILE__ ) . '/class-customer-setup.php';
|
| 16 |
include_once dirname( __FILE__ ) . '/database/database_functions.php';
|
| 17 |
include dirname( __FILE__ ) . '/views/feedback_form.php';
|
| 18 |
+
include dirname( __FILE__ ) . '/views/test_2fa_notification.php';
|
| 19 |
include dirname( __FILE__ ) . '/views/customer_registration.php';
|
| 20 |
require( 'class-utility.php' );
|
| 21 |
require( 'class-mo2f-constants.php' );
|
| 95 |
add_action( 'mo2f_shortcode_form_fields', array(
|
| 96 |
$pass2fa_login,
|
| 97 |
'miniorange_pass2login_form_fields'
|
| 98 |
+
), 10, 4 );
|
| 99 |
add_filter( 'mo2f_gauth_service', array( $mo2f_rba_attributes, 'mo2f_google_auth_service' ), 10, 1 );
|
| 100 |
|
| 101 |
|
| 172 |
|
| 173 |
function mo2f_update_db_check() {
|
| 174 |
|
| 175 |
+
global $Mo2fdbQueries;
|
| 176 |
$user_id = get_option( 'mo2f_miniorange_admin' );
|
| 177 |
|
| 178 |
if ( ! get_option( 'mo2f_existing_user_values_updated' ) ) {
|
| 277 |
}
|
| 278 |
|
| 279 |
}
|
| 280 |
+
|
| 281 |
+
$check_if_column_exists = $Mo2fdbQueries->check_if_column_exists( $user_id, "user_login_info_table", "mo_2factor_login_status" );
|
| 282 |
+
|
| 283 |
+
if ( $user_id && ! get_option( 'mo2f_db_option_updated' ) && ! $check_if_column_exists ) {
|
| 284 |
+
$query = "ALTER TABLE `wp_mo2f_user_login_info` ADD COLUMN `mo_2factor_login_status` VARCHAR(100) NOT NULL";
|
| 285 |
+
$Mo2fdbQueries->execute_add_column( $query );
|
| 286 |
+
update_option( 'mo2f_db_option_updated', 1 );
|
| 287 |
+
}
|
| 288 |
}
|
| 289 |
|
| 290 |
|
| 434 |
}
|
| 435 |
|
| 436 |
function mo_2_factor_enable_frontend_style() {
|
| 437 |
+
wp_enqueue_style( 'mo2f_frontend_login_style', plugins_url( 'includes/css/front_end_login.css?version=5.1.6', __FILE__ ) );
|
| 438 |
+
wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.6', __FILE__ ) );
|
| 439 |
+
wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.6', __FILE__ ) );
|
| 440 |
wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
|
| 441 |
+
wp_enqueue_style( 'mo2f_login_popup_style', plugins_url( 'includes/css/mo2f_login_popup_ui.css?version=5.1.6', __FILE__ ) );
|
| 442 |
}
|
| 443 |
|
| 444 |
function plugin_settings_style( $mo2fa_hook_page ) {
|
| 445 |
if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
|
| 446 |
return;
|
| 447 |
}
|
| 448 |
+
wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.6', __FILE__ ) );
|
| 449 |
+
wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.6', __FILE__ ) );
|
| 450 |
+
wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.6', __FILE__ ) );
|
| 451 |
wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
|
| 452 |
}
|
| 453 |
|
| 532 |
update_option( 'mo2f_password', stripslashes( $password ) );
|
| 533 |
$customer = new Customer_Setup();
|
| 534 |
$customerKey = json_decode( $customer->check_customer(), true );
|
| 535 |
+
|
| 536 |
if ( strcasecmp( $customerKey['status'], 'CUSTOMER_NOT_FOUND' ) == 0 ) {
|
| 537 |
if ( $customerKey['status'] == 'ERROR' ) {
|
| 538 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
|
|
|
|
| 539 |
} else {
|
|
|
|
| 540 |
$this->mo2f_create_customer( $user );
|
| 541 |
delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
|
| 542 |
delete_user_meta( $user->ID, 'register_account' );
|
| 543 |
+
if(get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure'))
|
| 544 |
+
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
| 545 |
|
| 546 |
}
|
| 547 |
} else { //customer already exists, redirect him to login page
|
| 680 |
if ( ! empty( $mo2f_customer_selected_plan ) ) {
|
| 681 |
delete_option( 'mo2f_customer_selected_plan' );
|
| 682 |
header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' );
|
| 683 |
+
} else if ( $mo2f_second_factor == 'NONE' ) {
|
| 684 |
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
| 685 |
}
|
| 686 |
|
| 967 |
if ( ! in_array( $_POST['deactivate_plugin'], $reasons_not_to_worry_about ) ) {
|
| 968 |
|
| 969 |
$message .= $_POST['deactivate_plugin'];
|
| 970 |
+
|
| 971 |
if ( $_POST['query_feedback'] != '' ) {
|
| 972 |
$message .= ':' . $_POST['query_feedback'];
|
| 973 |
}
|
| 974 |
+
|
| 975 |
+
|
| 976 |
+
if($_POST['deactivate_plugin'] == "Conflicts with other plugins"){
|
| 977 |
+
$plugin_selected = $_POST['plugin_selected'];
|
| 978 |
+
$plugin = MO2f_Utility::get_plugin_name_by_identifier($plugin_selected);
|
| 979 |
+
|
| 980 |
+
$message .= ", Plugin selected - " . $plugin . ".";
|
| 981 |
+
}
|
| 982 |
+
|
| 983 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 984 |
if ( $email == '' ) {
|
| 985 |
$email = $user->user_email;
|
| 1062 |
|
| 1063 |
$selectedMethod = $TwoFA_method_to_configure;
|
| 1064 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1065 |
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
| 1066 |
|
| 1067 |
|
| 1082 |
}
|
| 1083 |
|
| 1084 |
delete_user_meta( $user->ID, 'configure_2FA' );
|
| 1085 |
+
mo2f_display_test_2fa_notification($user);
|
| 1086 |
|
| 1087 |
} else {
|
| 1088 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
| 1376 |
}
|
| 1377 |
}
|
| 1378 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1379 |
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_google_authenticator_validate' ) {
|
| 1380 |
$otpToken = $_POST['google_token'];
|
| 1381 |
$ga_secret = isset( $_POST['google_auth_secret'] ) ? $_POST['google_auth_secret'] : null;
|
| 1406 |
) );
|
| 1407 |
|
| 1408 |
update_user_meta( $user->ID, 'mo2f_external_app_type', "Google Authenticator" );
|
| 1409 |
+
mo2f_display_test_2fa_notification($user);
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1410 |
|
| 1411 |
} else {
|
| 1412 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
| 1478 |
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
| 1479 |
) );
|
| 1480 |
update_user_meta( $user->ID, 'mo2f_external_app_type', "Authy Authenticator" );
|
|
|
|
|
|
|
| 1481 |
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
| 1482 |
delete_user_meta( $user->ID, 'configure_2FA' );
|
| 1483 |
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
|
| 1484 |
+
mo2f_display_test_2fa_notification($user);
|
|
|
|
|
|
|
| 1485 |
|
| 1486 |
} else {
|
| 1487 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
| 1569 |
'mo_2factor_user_registration_status' => "MO_2_FACTOR_PLUGIN_SETTINGS"
|
| 1570 |
) );
|
| 1571 |
|
| 1572 |
+
mo2f_display_test_2fa_notification($user);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1573 |
|
| 1574 |
} else {
|
| 1575 |
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
| 1744 |
MO2f_Utility::unset_session_variables( 'user_phone' );
|
| 1745 |
delete_option( 'user_phone_temp' );
|
| 1746 |
|
| 1747 |
+
mo2f_display_test_2fa_notification($user);
|
|
|
|
|
|
|
|
|
|
| 1748 |
} else {
|
| 1749 |
MO2f_Utility::unset_session_variables( 'user_phone' );
|
| 1750 |
delete_option( 'user_phone_temp' );
|
| 1783 |
$user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
| 1784 |
}
|
| 1785 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1786 |
// set it as his 2-factor in the WP database and server
|
| 1787 |
if ( $selected_action == "select2factor" ) {
|
| 1788 |
|
| 1795 |
|
| 1796 |
// update the server
|
| 1797 |
$this->mo2f_save_2_factor_method( $user, $selected_2FA_method );
|
| 1798 |
+
|
| 1799 |
+
if ( ! $is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
|
| 1800 |
+
"Google Authenticator",
|
| 1801 |
+
"miniOrange Soft Token",
|
| 1802 |
+
"Authy Authenticator"
|
| 1803 |
+
) ) ) {
|
| 1804 |
+
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
|
| 1805 |
+
} else {
|
| 1806 |
+
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
|
| 1807 |
+
}
|
| 1808 |
+
|
| 1809 |
}
|
| 1810 |
|
| 1811 |
} else if ( $selected_action == "configure2factor" ) {
|
| 2029 |
|
| 2030 |
function mo2f_delete_mo_options() {
|
| 2031 |
delete_option( 'mo2f_email' );
|
| 2032 |
+
delete_option( 'mo2f_dbversion' );
|
| 2033 |
delete_option( 'mo2f_host_name' );
|
| 2034 |
delete_option( 'user_phone' );
|
| 2035 |
//delete_option( 'mo2f_customerKey' );
|
| 2051 |
delete_option( 'mo2f_proxy_username' );
|
| 2052 |
delete_option( 'mo2f_proxy_password' );
|
| 2053 |
delete_option( 'mo2f_customer_selected_plan' );
|
|
|
|
| 2054 |
}
|
| 2055 |
|
| 2056 |
function mo_auth_show_success_message() {
|
| 2171 |
}
|
| 2172 |
}
|
| 2173 |
|
| 2174 |
+
public static function mo2f_get_GA_parameters($user){
|
| 2175 |
+
global $Mo2fdbQueries;
|
| 2176 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 2177 |
+
$google_auth = new Miniorange_Rba_Attributes();
|
| 2178 |
+
$google_response = json_decode( $google_auth->mo2f_google_auth_service( $email ), true );
|
| 2179 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
| 2180 |
+
if ( $google_response['status'] == 'SUCCESS' ) {
|
| 2181 |
+
$mo2f_google_auth = array();
|
| 2182 |
+
$mo2f_google_auth['ga_qrCode'] = $google_response['qrCodeData'];
|
| 2183 |
+
$mo2f_google_auth['ga_secret'] = $google_response['secret'];
|
| 2184 |
+
$_SESSION['mo2f_google_auth'] = $mo2f_google_auth;
|
| 2185 |
+
}else {
|
| 2186 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
| 2187 |
+
self::mo_auth_show_error_message();
|
| 2188 |
+
}
|
| 2189 |
+
}else {
|
| 2190 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
| 2191 |
+
self::mo_auth_show_error_message();
|
| 2192 |
+
|
| 2193 |
+
}
|
| 2194 |
+
}
|
| 2195 |
+
|
| 2196 |
function mo_auth_show_error_message() {
|
| 2197 |
remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
|
| 2198 |
add_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
|
| 2371 |
update_option( 'mo2f_is_NC', 1 );
|
| 2372 |
update_option( 'mo2f_is_NNC', 1 );
|
| 2373 |
}
|
| 2374 |
+
|
| 2375 |
update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
|
| 2376 |
global $Mo2fdbQueries;
|
| 2377 |
$Mo2fdbQueries->mo_plugin_activate();
|
| 2408 |
|
| 2409 |
|
| 2410 |
new Miniorange_Authentication;
|
| 2411 |
+
?>
|
readme.txt
CHANGED
|
@@ -5,7 +5,7 @@ Donate link: https://miniorange.com/
|
|
| 5 |
Requires at least: 3.0.1
|
| 6 |
Tested up to: 4.9.4
|
| 7 |
Requires PHP: 5.3.0
|
| 8 |
-
Stable tag: 5.1.
|
| 9 |
License: GPLv2 or later
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
|
@@ -221,6 +221,17 @@ miniOrange authentication service has 15+ authentication methods.One time passco
|
|
| 221 |
3. 2 Factor Authentication prompt during Login.
|
| 222 |
|
| 223 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 224 |
|
| 225 |
= 5.1.2 =
|
| 226 |
* Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
|
|
@@ -532,6 +543,18 @@ More descriptive setup messages and UI changes.
|
|
| 532 |
|
| 533 |
== Upgrade Notice ==
|
| 534 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 535 |
= 5.1.2 =
|
| 536 |
* Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
|
| 537 |
|
| 5 |
Requires at least: 3.0.1
|
| 6 |
Tested up to: 4.9.4
|
| 7 |
Requires PHP: 5.3.0
|
| 8 |
+
Stable tag: 5.1.6
|
| 9 |
License: GPLv2 or later
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
| 221 |
3. 2 Factor Authentication prompt during Login.
|
| 222 |
|
| 223 |
== Changelog ==
|
| 224 |
+
= 5.1.6 =
|
| 225 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix for DB error.
|
| 226 |
+
|
| 227 |
+
= 5.1.5 =
|
| 228 |
+
* Google Authenticator-Two Factor Authentication (2FA) : UI changes.
|
| 229 |
+
|
| 230 |
+
= 5.1.4 =
|
| 231 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for redirect to login page issues.
|
| 232 |
+
|
| 233 |
+
= 5.1.3 =
|
| 234 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
|
| 235 |
|
| 236 |
= 5.1.2 =
|
| 237 |
* Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
|
| 543 |
|
| 544 |
== Upgrade Notice ==
|
| 545 |
|
| 546 |
+
= 5.1.6 =
|
| 547 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix for DB error.
|
| 548 |
+
|
| 549 |
+
= 5.1.5 =
|
| 550 |
+
* Google Authenticator-Two Factor Authentication (2FA) : UI changes.
|
| 551 |
+
|
| 552 |
+
= 5.1.4 =
|
| 553 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for redirect to login page issues.
|
| 554 |
+
|
| 555 |
+
= 5.1.3 =
|
| 556 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
|
| 557 |
+
|
| 558 |
= 5.1.2 =
|
| 559 |
* Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
|
| 560 |
|
uninstall.php
CHANGED
|
@@ -11,6 +11,8 @@ $Mo2fdbQueries = new Mo2fDB();
|
|
| 11 |
|
| 12 |
$table_name = $wpdb->prefix . 'mo2f_user_details';
|
| 13 |
$Mo2fdbQueries->drop_table( $table_name );
|
|
|
|
|
|
|
| 14 |
|
| 15 |
if ( ! is_multisite() ) {
|
| 16 |
|
|
@@ -22,7 +24,7 @@ if ( ! is_multisite() ) {
|
|
| 22 |
delete_option( 'mo2f_customer_token' );
|
| 23 |
delete_option( 'mo2f_message' );
|
| 24 |
delete_option( 'mo_2factor_admin_registration_status' );
|
| 25 |
-
delete_option( '
|
| 26 |
delete_option( 'mo_2f_login_type_enabled' );
|
| 27 |
delete_option( 'mo2f_admin_disabled_status' );
|
| 28 |
delete_option( 'mo2f_disabled_status' );
|
|
@@ -69,7 +71,8 @@ if ( ! is_multisite() ) {
|
|
| 69 |
delete_option( 'mo2f_admin_first_name' );
|
| 70 |
delete_option( 'mo2_admin_last_name' );
|
| 71 |
delete_option( 'mo2f_admin_company' );
|
| 72 |
-
|
|
|
|
| 73 |
//delete all stored key-value pairs for the roles
|
| 74 |
global $wp_roles;
|
| 75 |
if ( ! isset( $wp_roles ) ) {
|
|
@@ -95,7 +98,7 @@ if ( ! is_multisite() ) {
|
|
| 95 |
delete_option( 'mo2f_customer_token' );
|
| 96 |
delete_option( 'mo2f_message' );
|
| 97 |
delete_option( 'mo_2factor_admin_registration_status' );
|
| 98 |
-
delete_option( '
|
| 99 |
delete_option( 'mo_2f_login_type_enabled' );
|
| 100 |
delete_option( 'mo2f_admin_disabled_status' );
|
| 101 |
delete_option( 'mo2f_disabled_status' );
|
|
@@ -140,7 +143,8 @@ if ( ! is_multisite() ) {
|
|
| 140 |
delete_option( 'mo2f_admin_first_name' );
|
| 141 |
delete_option( 'mo2_admin_last_name' );
|
| 142 |
delete_option( 'mo2f_admin_company' );
|
| 143 |
-
|
|
|
|
| 144 |
delete_option( 'mo2f_bug_fix_done' );
|
| 145 |
//delete all stored key-value pairs for the roles
|
| 146 |
global $wp_roles;
|
| 11 |
|
| 12 |
$table_name = $wpdb->prefix . 'mo2f_user_details';
|
| 13 |
$Mo2fdbQueries->drop_table( $table_name );
|
| 14 |
+
$table_name = $wpdb->prefix . 'mo2f_user_login_info';
|
| 15 |
+
$Mo2fdbQueries->drop_table( $table_name );
|
| 16 |
|
| 17 |
if ( ! is_multisite() ) {
|
| 18 |
|
| 24 |
delete_option( 'mo2f_customer_token' );
|
| 25 |
delete_option( 'mo2f_message' );
|
| 26 |
delete_option( 'mo_2factor_admin_registration_status' );
|
| 27 |
+
delete_option( 'mo2f_login_message' );
|
| 28 |
delete_option( 'mo_2f_login_type_enabled' );
|
| 29 |
delete_option( 'mo2f_admin_disabled_status' );
|
| 30 |
delete_option( 'mo2f_disabled_status' );
|
| 71 |
delete_option( 'mo2f_admin_first_name' );
|
| 72 |
delete_option( 'mo2_admin_last_name' );
|
| 73 |
delete_option( 'mo2f_admin_company' );
|
| 74 |
+
delete_option( 'mo2f_db_option_updated' );
|
| 75 |
+
delete_option( 'mo2f_login_option_updated' );
|
| 76 |
//delete all stored key-value pairs for the roles
|
| 77 |
global $wp_roles;
|
| 78 |
if ( ! isset( $wp_roles ) ) {
|
| 98 |
delete_option( 'mo2f_customer_token' );
|
| 99 |
delete_option( 'mo2f_message' );
|
| 100 |
delete_option( 'mo_2factor_admin_registration_status' );
|
| 101 |
+
delete_option( 'mo2f_login_message' );
|
| 102 |
delete_option( 'mo_2f_login_type_enabled' );
|
| 103 |
delete_option( 'mo2f_admin_disabled_status' );
|
| 104 |
delete_option( 'mo2f_disabled_status' );
|
| 143 |
delete_option( 'mo2f_admin_first_name' );
|
| 144 |
delete_option( 'mo2_admin_last_name' );
|
| 145 |
delete_option( 'mo2f_admin_company' );
|
| 146 |
+
delete_option( 'mo2f_db_option_updated' );
|
| 147 |
+
delete_option( 'mo2f_login_option_updated' );
|
| 148 |
delete_option( 'mo2f_bug_fix_done' );
|
| 149 |
//delete all stored key-value pairs for the roles
|
| 150 |
global $wp_roles;
|
views/configure_authy_authenticator
CHANGED
|
@@ -5,7 +5,7 @@
|
|
| 5 |
?>
|
| 6 |
<table>
|
| 7 |
<tr>
|
| 8 |
-
<td class="
|
| 9 |
<h3><?php echo mo2f_lt( 'Step-1: Configure Authy Authenticator App.' ); ?></h3>
|
| 10 |
<hr/>
|
| 11 |
<form name="f" method="post" id="mo2f_configure_google_authy_form1" action="">
|
|
@@ -22,7 +22,7 @@
|
|
| 22 |
</form>
|
| 23 |
</td>
|
| 24 |
<td class="mo2f_vertical_line"></td>
|
| 25 |
-
<td class="
|
| 26 |
<h3><?php echo mo2f_lt( 'Step-2: Set up Authy 2-Factor Authentication App' ); ?></h3>
|
| 27 |
<h3></h3>
|
| 28 |
<hr>
|
| 5 |
?>
|
| 6 |
<table>
|
| 7 |
<tr>
|
| 8 |
+
<td class="mo2f_authy_step1">
|
| 9 |
<h3><?php echo mo2f_lt( 'Step-1: Configure Authy Authenticator App.' ); ?></h3>
|
| 10 |
<hr/>
|
| 11 |
<form name="f" method="post" id="mo2f_configure_google_authy_form1" action="">
|
| 22 |
</form>
|
| 23 |
</td>
|
| 24 |
<td class="mo2f_vertical_line"></td>
|
| 25 |
+
<td class="mo2f_authy_step2">
|
| 26 |
<h3><?php echo mo2f_lt( 'Step-2: Set up Authy 2-Factor Authentication App' ); ?></h3>
|
| 27 |
<h3></h3>
|
| 28 |
<hr>
|
views/configure_google_authenticator
CHANGED
|
@@ -1,54 +1,31 @@
|
|
| 1 |
<?php
|
| 2 |
|
| 3 |
function mo2f_configure_google_authenticator( $user ) {
|
| 4 |
-
|
| 5 |
$mo2f_google_auth = isset( $_SESSION['mo2f_google_auth'] ) ? $_SESSION['mo2f_google_auth'] : null;
|
| 6 |
$data = isset( $_SESSION['mo2f_google_auth'] ) ? $mo2f_google_auth['ga_qrCode'] : null;
|
| 7 |
$ga_secret = isset( $_SESSION['mo2f_google_auth'] ) ? $mo2f_google_auth['ga_secret'] : null;
|
| 8 |
$h_size = 'h3';
|
|
|
|
| 9 |
?>
|
| 10 |
<table>
|
| 11 |
<tr>
|
| 12 |
-
<td class="mo2f_google_authy_step1">
|
| 13 |
-
<h4><?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-1: Select phone Type' ) . '</' . $h_size . '>'; ?></h4>
|
| 14 |
-
<hr/>
|
| 15 |
-
<form name="f" method="post" id="mo2f_configure_google_authy_form1" action="">
|
| 16 |
-
<input type="radio" name="mo2f_app_type_radio"
|
| 17 |
-
value="android" <?php checked( $mo2f_google_auth['ga_phone'] == 'android' ); ?> />
|
| 18 |
-
<b><?php echo mo2f_lt( 'Android' ); ?></b>
|
| 19 |
-
<br><br>
|
| 20 |
-
<input type="radio" name="mo2f_app_type_radio"
|
| 21 |
-
value="iphone" <?php checked( $mo2f_google_auth['ga_phone'] == 'iphone' ); ?> />
|
| 22 |
-
<b><?php echo mo2f_lt( 'iPhone' ); ?></b>
|
| 23 |
-
<br><br>
|
| 24 |
-
<input type="radio" name="mo2f_app_type_radio"
|
| 25 |
-
value="blackberry" <?php checked( $mo2f_google_auth['ga_phone'] == 'blackberry' ); ?> />
|
| 26 |
-
<b><?php echo mo2f_lt( 'BlackBerry / Windows' ); ?></b>
|
| 27 |
-
<br><br>
|
| 28 |
-
<input type="hidden" name="option" value="mo2f_configure_google_auth_phone_type"/>
|
| 29 |
-
</form>
|
| 30 |
-
<form name="f" method="post" action="" id="mo2f_go_back_form">
|
| 31 |
-
<input type="hidden" name="option" value="mo2f_go_back"/>
|
| 32 |
-
<input type="submit" name="back" id="go_back" class="button button-primary button-large"
|
| 33 |
-
style="width:45%;" value="<?php echo mo2f_lt( 'Back' ); ?>"/>
|
| 34 |
-
</form>
|
| 35 |
-
</td>
|
| 36 |
-
<td class="mo2f_vertical_line"></td>
|
| 37 |
<td class="mo2f_google_authy_step2">
|
| 38 |
-
<?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-
|
| 39 |
|
| 40 |
<hr>
|
| 41 |
-
|
| 42 |
-
|
| 43 |
-
<
|
| 44 |
-
|
| 45 |
-
|
| 46 |
-
<li><?php echo mo2f_lt( 'Search for Google Authenticator.' );
|
| 47 |
-
<a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"
|
| 48 |
-
|
|
|
|
| 49 |
</li>
|
| 50 |
|
| 51 |
</ol>
|
|
|
|
| 52 |
<h4><?php echo mo2f_lt( 'Open Google Authenticator.' ); ?></h4>
|
| 53 |
<ol>
|
| 54 |
<li><?php echo mo2f_lt( 'In the app, tap on Menu and select "Set up account".' ); ?></li>
|
|
@@ -95,91 +72,16 @@ function mo2f_configure_google_authenticator( $user ) {
|
|
| 95 |
<li><?php echo mo2f_lt( 'Tap Add.' ); ?></li>
|
| 96 |
</ol>
|
| 97 |
</div>
|
| 98 |
-
|
| 99 |
-
|
| 100 |
-
|
| 101 |
-
|
| 102 |
-
|
| 103 |
-
|
| 104 |
-
<li><?php echo mo2f_lt( 'Navigate to App Store in your phone.' ); ?></li>
|
| 105 |
-
<li><?php echo mo2f_lt( 'Search for Google Authenticator.' ); ?></b>
|
| 106 |
-
<a href="http://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8"
|
| 107 |
-
target="_blank"><?php echo mo2f_lt( 'Download the app from the App Store and install it.' ); ?></a>
|
| 108 |
-
</li>
|
| 109 |
-
</ol>
|
| 110 |
-
<h4><?php echo mo2f_lt( 'Open Google Authenticator.' ); ?></h4>
|
| 111 |
-
<ol>
|
| 112 |
-
<li><?php echo mo2f_lt( 'In the app, tap on "+" first, and then on "Scan Barcode".' ); ?></li>
|
| 113 |
-
<li><?php echo mo2f_lt( 'Use your phone\'s camera to scan the barcode.' ); ?>
|
| 114 |
-
<center><br>
|
| 115 |
-
<div id="displayQrCode"><?php echo '<img src="data:image/jpg;base64,' . $data . '" />'; ?></div>
|
| 116 |
-
</center>
|
| 117 |
-
</li>
|
| 118 |
-
</ol>
|
| 119 |
-
<br>
|
| 120 |
-
<div><a data-toggle="collapse" href="#mo2f_scanbarcode_i"
|
| 121 |
-
aria-expanded="false"><b><?php echo mo2f_lt( 'Can\'t scan the barcode? ' ); ?></b></a>
|
| 122 |
-
</div>
|
| 123 |
-
<div class="mo2f_collapse" id="mo2f_scanbarcode_i">
|
| 124 |
-
<ol class="mo2f_ol">
|
| 125 |
-
<li><?php echo mo2f_lt( 'In the app, tap on + .' ); ?></li>
|
| 126 |
-
<li><?php echo mo2f_lt( 'Make sure the Key Type is selected as' ); ?>
|
| 127 |
-
<b> <?php echo mo2f_lt( ' Time-based ' ); ?></b>.
|
| 128 |
-
</li>
|
| 129 |
-
<li><?php echo mo2f_lt( 'For the' ); ?>
|
| 130 |
-
<b> <?php echo mo2f_lt( ' Account ' ); ?></b>
|
| 131 |
-
<?php echo mo2f_lt( 'field, type your preferred account name' ); ?>.
|
| 132 |
-
</li>
|
| 133 |
-
<li><?php echo mo2f_lt( 'For the' ); ?>
|
| 134 |
-
<b> <?php echo mo2f_lt( ' Key ' ); ?></b>
|
| 135 |
-
<?php echo mo2f_lt( 'field, type the below secret key' ); ?>:
|
| 136 |
-
</li>
|
| 137 |
-
|
| 138 |
-
<div class="mo2f_google_authy_secret_outer_div">
|
| 139 |
-
<div class="mo2f_google_authy_secret_inner_div">
|
| 140 |
-
<?php echo $ga_secret; ?>
|
| 141 |
-
</div>
|
| 142 |
-
<div class="mo2f_google_authy_secret">
|
| 143 |
-
<?php echo mo2f_lt( 'Spaces do not matter' ); ?>.
|
| 144 |
-
</div>
|
| 145 |
-
</div>
|
| 146 |
-
<li><?php echo mo2f_lt( 'Tap Add.' ); ?></li>
|
| 147 |
-
</ol>
|
| 148 |
-
</div>
|
| 149 |
-
</div>
|
| 150 |
-
|
| 151 |
-
<div id="mo2f_blackberry_div"
|
| 152 |
-
style="<?php echo $mo2f_google_auth['ga_phone'] == 'blackberry' ? 'display:block' : 'display:none'; ?>">
|
| 153 |
-
<h4><?php echo mo2f_lt( 'Install the Google Authenticator app for BlackBerry' ); ?></h4>
|
| 154 |
-
<ol>
|
| 155 |
-
<li><?php echo mo2f_lt( 'On your phone, open a web browser.Go to ' ); ?>
|
| 156 |
-
<b> m.google.com/authenticator</b>.
|
| 157 |
-
</li>
|
| 158 |
-
<li><?php echo mo2f_lt( 'Download and install the Google Authenticator application.' ); ?></li>
|
| 159 |
-
</ol>
|
| 160 |
-
<br>
|
| 161 |
-
<h4><?php echo mo2f_lt( 'Now open and configure Google Authenticator.' ); ?></h4>
|
| 162 |
-
<ol>
|
| 163 |
-
<li><?php echo mo2f_lt( 'In Google Authenticator, select Manual key entry.' ); ?></li>
|
| 164 |
-
<li><?php echo mo2f_lt( 'In "Enter account name" type your full email address.' ); ?></li>
|
| 165 |
-
<li><?php echo mo2f_lt( 'In "Enter key" type your secret key:' ); ?></li>
|
| 166 |
-
<div class="mo2f_google_authy_secret_outer_div">
|
| 167 |
-
<div class="mo2f_google_authy_secret_inner_div">
|
| 168 |
-
<?php echo $ga_secret; ?>
|
| 169 |
-
</div>
|
| 170 |
-
<div class="mo2f_google_authy_secret">
|
| 171 |
-
<?php echo mo2f_lt( 'Spaces do not matter' ); ?>.
|
| 172 |
-
</div>
|
| 173 |
-
</div>
|
| 174 |
-
<li><?php echo mo2f_lt( 'Choose Time-based type of key.' ); ?></li>
|
| 175 |
-
<li><?php echo mo2f_lt( 'Tap Save.' ); ?></li>
|
| 176 |
-
</ol>
|
| 177 |
-
</div>
|
| 178 |
-
|
| 179 |
</td>
|
| 180 |
<td class="mo2f_vertical_line"></td>
|
| 181 |
<td class="mo2f_google_authy_step3">
|
| 182 |
-
<h4><?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-
|
| 183 |
<hr>
|
| 184 |
<div style="<?php echo isset( $_SESSION['mo2f_google_auth'] ) ? 'display:block' : 'display:none'; ?>">
|
| 185 |
<div><?php echo mo2f_lt( 'After you have scanned the QR code and created an account, enter the verification code from the scanned account here.' ); ?></div>
|
| 1 |
<?php
|
| 2 |
|
| 3 |
function mo2f_configure_google_authenticator( $user ) {
|
|
|
|
| 4 |
$mo2f_google_auth = isset( $_SESSION['mo2f_google_auth'] ) ? $_SESSION['mo2f_google_auth'] : null;
|
| 5 |
$data = isset( $_SESSION['mo2f_google_auth'] ) ? $mo2f_google_auth['ga_qrCode'] : null;
|
| 6 |
$ga_secret = isset( $_SESSION['mo2f_google_auth'] ) ? $mo2f_google_auth['ga_secret'] : null;
|
| 7 |
$h_size = 'h3';
|
| 8 |
+
|
| 9 |
?>
|
| 10 |
<table>
|
| 11 |
<tr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 12 |
<td class="mo2f_google_authy_step2">
|
| 13 |
+
<?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-1: Set up Google Authenticator' ) . '</' . $h_size . '>'; ?>
|
| 14 |
|
| 15 |
<hr>
|
| 16 |
+
|
| 17 |
+
<h4><?php echo mo2f_lt( 'Install the Google Authenticator App in your phone.' ); ?></h4>
|
| 18 |
+
<ol style="margin-left:6%">
|
| 19 |
+
<li><?php echo mo2f_lt( 'Navigate to App/Play Store in your phone.' ); ?>
|
| 20 |
+
</li>
|
| 21 |
+
<li><?php echo mo2f_lt( 'Search for Google Authenticator.' ); ?>
|
| 22 |
+
<b>Android</b>: <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"
|
| 23 |
+
target="_blank"><?php echo mo2f_lt( 'Play Store ' ); ?></a> <b>iPhone</b>: <a href="http://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8"
|
| 24 |
+
target="_blank"><?php echo mo2f_lt( 'App Store' ); ?></a>.
|
| 25 |
</li>
|
| 26 |
|
| 27 |
</ol>
|
| 28 |
+
|
| 29 |
<h4><?php echo mo2f_lt( 'Open Google Authenticator.' ); ?></h4>
|
| 30 |
<ol>
|
| 31 |
<li><?php echo mo2f_lt( 'In the app, tap on Menu and select "Set up account".' ); ?></li>
|
| 72 |
<li><?php echo mo2f_lt( 'Tap Add.' ); ?></li>
|
| 73 |
</ol>
|
| 74 |
</div>
|
| 75 |
+
<br>
|
| 76 |
+
<form name="f" method="post" action="" id="mo2f_go_back_form">
|
| 77 |
+
<input type="hidden" name="option" value="mo2f_go_back"/>
|
| 78 |
+
<input type="submit" name="back" id="go_back" class="button button-primary button-large"
|
| 79 |
+
style="width:50px;" value="<?php echo mo2f_lt( 'Back' ); ?>"/>
|
| 80 |
+
</form>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 81 |
</td>
|
| 82 |
<td class="mo2f_vertical_line"></td>
|
| 83 |
<td class="mo2f_google_authy_step3">
|
| 84 |
+
<h4><?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-2: Verify and Save' ) . '</' . $h_size . '>';; ?></h4>
|
| 85 |
<hr>
|
| 86 |
<div style="<?php echo isset( $_SESSION['mo2f_google_auth'] ) ? 'display:block' : 'display:none'; ?>">
|
| 87 |
<div><?php echo mo2f_lt( 'After you have scanned the QR code and created an account, enter the verification code from the scanned account here.' ); ?></div>
|
views/configure_otp_over_sms
CHANGED
|
@@ -3,8 +3,8 @@
|
|
| 3 |
function mo2f_configure_otp_over_sms( $user ) {
|
| 4 |
global $Mo2fdbQueries;
|
| 5 |
$mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
| 6 |
-
$user_phone =
|
| 7 |
-
|
| 8 |
?>
|
| 9 |
|
| 10 |
<h3><?php echo mo2f_lt( 'Configure OTP over SMS' ); ?></h3>
|
|
@@ -48,4 +48,4 @@ function mo2f_configure_otp_over_sms( $user ) {
|
|
| 48 |
<?php
|
| 49 |
}
|
| 50 |
|
| 51 |
-
?>
|
| 3 |
function mo2f_configure_otp_over_sms( $user ) {
|
| 4 |
global $Mo2fdbQueries;
|
| 5 |
$mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
| 6 |
+
$user_phone = $mo2f_user_phone ? $mo2f_user_phone : get_option( 'user_phone_temp' );
|
| 7 |
+
|
| 8 |
?>
|
| 9 |
|
| 10 |
<h3><?php echo mo2f_lt( 'Configure OTP over SMS' ); ?></h3>
|
| 48 |
<?php
|
| 49 |
}
|
| 50 |
|
| 51 |
+
?>
|
views/customer_registration.php
CHANGED
|
@@ -11,14 +11,14 @@
|
|
| 11 |
<div class="login mo_customer_validation-modal-content" style="width:660px !important;">
|
| 12 |
<div class="mo2f_modal-header">
|
| 13 |
<button type="button" id="mo2f_registration_closed" class="mo2f_close" data-dismiss="modal">×</button>
|
| 14 |
-
<h2 class="mo2f_modal-title">You are just one step away from setting up 2FA
|
| 15 |
</div>
|
| 16 |
<div class="mo2f_modal-body">
|
| 17 |
|
| 18 |
<?php if ( $mo2f_message ) { ?>
|
| 19 |
-
<div style="padding:
|
| 20 |
-
<div class="alert alert-info" style="margin-bottom:0px">
|
| 21 |
-
<p style="font-size:15px"><?php echo $mo2f_message; ?></p>
|
| 22 |
</div>
|
| 23 |
</div>
|
| 24 |
<?php }
|
| 11 |
<div class="login mo_customer_validation-modal-content" style="width:660px !important;">
|
| 12 |
<div class="mo2f_modal-header">
|
| 13 |
<button type="button" id="mo2f_registration_closed" class="mo2f_close" data-dismiss="modal">×</button>
|
| 14 |
+
<h2 class="mo2f_modal-title">You are just one step away from setting up 2FA.</h2>
|
| 15 |
</div>
|
| 16 |
<div class="mo2f_modal-body">
|
| 17 |
|
| 18 |
<?php if ( $mo2f_message ) { ?>
|
| 19 |
+
<div style="padding:5px;">
|
| 20 |
+
<div class="alert alert-info" style="margin-bottom:0px;padding:3px;">
|
| 21 |
+
<p style="font-size:15px;margin-left: 2%;"><?php echo $mo2f_message; ?></p>
|
| 22 |
</div>
|
| 23 |
</div>
|
| 24 |
<?php }
|
views/feedback_form.php
CHANGED
|
@@ -4,12 +4,12 @@
|
|
| 4 |
}
|
| 5 |
|
| 6 |
$setup_guide_link = plugins_url( '/../includes/guides/Instructions for premium customers.pdf', __FILE__ );
|
|
|
|
| 7 |
|
| 8 |
-
$mo2f_message = get_option( 'mo2f_message' );
|
| 9 |
wp_enqueue_style( 'wp-pointer' );
|
| 10 |
wp_enqueue_script( 'wp-pointer' );
|
| 11 |
wp_enqueue_script( 'utils' );
|
| 12 |
-
wp_enqueue_style( 'mo_2_factor_admin_plugins_page_style', plugins_url( '/../includes/css/mo2f_plugins_page.css?version=5.1.
|
| 13 |
|
| 14 |
$action = 'install-plugin';
|
| 15 |
$slug = 'miniorange-google-authenticator';
|
|
@@ -29,8 +29,6 @@
|
|
| 29 |
<div class="mo2f_modal-content">
|
| 30 |
<h3>Can you please take a minute to give us some feedback? </h3>
|
| 31 |
|
| 32 |
-
<?php if ( $mo2f_message != '' ) { ?>
|
| 33 |
-
<?php } ?>
|
| 34 |
<form name="f" method="post" action="" id="mo2f_feedback">
|
| 35 |
<input type="hidden" name="mo2f_feedback" value="mo2f_feedback"/>
|
| 36 |
<div>
|
|
@@ -53,13 +51,19 @@
|
|
| 53 |
<label style="font-weight:normal;font-size:14.6px" for="<?php echo $deactivate_reasons; ?>">
|
| 54 |
<input type="radio" name="deactivate_plugin" value="<?php echo $deactivate_reasons; ?>"
|
| 55 |
required>
|
| 56 |
-
<?php echo $deactivate_reasons;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 57 |
</div>
|
| 58 |
|
| 59 |
|
| 60 |
<?php } ?>
|
| 61 |
<br>
|
| 62 |
-
|
| 63 |
<textarea id="query_feedback" name="query_feedback" rows="4" style="margin-left:2%" cols="50"
|
| 64 |
placeholder="Write your query here"></textarea>
|
| 65 |
|
|
@@ -68,35 +72,28 @@
|
|
| 68 |
<div class="mo2f_modal-footer">
|
| 69 |
<input type="submit" name="miniorange_feedback_submit"
|
| 70 |
class="button button-primary button-large" style="float:left" value="Submit"/>
|
| 71 |
-
<input type="
|
| 72 |
-
|
| 73 |
-
|
| 74 |
-
<br>
|
| 75 |
</div>
|
| 76 |
</form>
|
| 77 |
<form name="f" method="post" action="" id="mo2f_feedback_form_close">
|
|
|
|
| 78 |
<input type="hidden" name="option" value="mo2f_skip_feedback"/>
|
| 79 |
</form>
|
| 80 |
-
<form name="f" method="post" action="" id="mo2f_feedback_form_skip">
|
| 81 |
-
<input type="hidden" name="option" value="mo2f_skip_feedback"/>
|
| 82 |
-
</form>
|
| 83 |
-
|
| 84 |
</div>
|
| 85 |
|
| 86 |
</div>
|
| 87 |
|
| 88 |
<script>
|
| 89 |
|
| 90 |
-
|
| 91 |
-
function skip_feedback() {
|
| 92 |
-
|
| 93 |
-
jQuery('#mo2f_feedback_form_skip').submit();
|
| 94 |
-
}
|
| 95 |
-
|
| 96 |
function handledeactivateplugin(){
|
| 97 |
jQuery('#mo2f_feedback_form_close').submit();
|
| 98 |
}
|
| 99 |
|
|
|
|
|
|
|
| 100 |
jQuery('a[aria-label="Deactivate miniOrange 2 Factor Authentication"]').click(function () {
|
| 101 |
// Get the mo2f_modal
|
| 102 |
<?php if(! get_option( 'mo2f_feedback_form' )){ ?>
|
|
@@ -114,24 +111,29 @@
|
|
| 114 |
var reason = jQuery(this).val();
|
| 115 |
jQuery('#query_feedback').removeAttr('required');
|
| 116 |
if (reason == "Did not want to create an account") {
|
|
|
|
| 117 |
jQuery('#query_feedback').attr("placeholder", "Write your query here.");
|
| 118 |
jQuery('#link_id').html('<p style="background-color:#a3e8c2;padding:5px;">We have another 2FA plugin for Wordpress that is entirely on-premise. You can manage all your data within the plugin' +
|
| 119 |
', without the need of creating an account with miniOrange. To get the plugin, ' +
|
| 120 |
'<a href="<?php echo $install_link?>" target="_blank" onclick="handledeactivateplugin()"><b>CLICK HERE.</b></a></p>');
|
| 121 |
jQuery('#link_id').show();
|
| 122 |
}else if (reason == "Upgrading to Premium") {
|
|
|
|
| 123 |
jQuery('#query_feedback').attr("placeholder", "Write your query here.");
|
| 124 |
jQuery('#link_id').html('<p style="background-color:#a3e8c2;padding:5px;">Thanks for upgrading. For setup instructions, please follow this guide' +
|
| 125 |
', <a href="<?php echo $setup_guide_link?>" download><b>DOWNLOAD GUIDE.</b></a></p>');
|
| 126 |
jQuery('#link_id').show();
|
| 127 |
}else if (reason == "Conflicts with other plugins") {
|
| 128 |
jQuery('#query_feedback').attr("placeholder", "Can you please mention the plugin name, and the issue?");
|
|
|
|
| 129 |
jQuery('#link_id').hide();
|
| 130 |
}else if (reason == "Other Reasons:") {
|
|
|
|
| 131 |
jQuery('#query_feedback').attr("placeholder", "Can you let us know the reason for deactivation");
|
| 132 |
jQuery('#query_feedback').prop('required', true);
|
| 133 |
jQuery('#link_id').hide();
|
| 134 |
}else{
|
|
|
|
| 135 |
jQuery('#query_feedback').attr("placeholder", "Write your query here.");
|
| 136 |
jQuery('#link_id').hide();
|
| 137 |
}
|
| 4 |
}
|
| 5 |
|
| 6 |
$setup_guide_link = plugins_url( '/../includes/guides/Instructions for premium customers.pdf', __FILE__ );
|
| 7 |
+
$plugins = MO2f_Utility::get_all_plugins_installed();
|
| 8 |
|
|
|
|
| 9 |
wp_enqueue_style( 'wp-pointer' );
|
| 10 |
wp_enqueue_script( 'wp-pointer' );
|
| 11 |
wp_enqueue_script( 'utils' );
|
| 12 |
+
wp_enqueue_style( 'mo_2_factor_admin_plugins_page_style', plugins_url( '/../includes/css/mo2f_plugins_page.css?version=5.1.6', __FILE__ ) );
|
| 13 |
|
| 14 |
$action = 'install-plugin';
|
| 15 |
$slug = 'miniorange-google-authenticator';
|
| 29 |
<div class="mo2f_modal-content">
|
| 30 |
<h3>Can you please take a minute to give us some feedback? </h3>
|
| 31 |
|
|
|
|
|
|
|
| 32 |
<form name="f" method="post" action="" id="mo2f_feedback">
|
| 33 |
<input type="hidden" name="mo2f_feedback" value="mo2f_feedback"/>
|
| 34 |
<div>
|
| 51 |
<label style="font-weight:normal;font-size:14.6px" for="<?php echo $deactivate_reasons; ?>">
|
| 52 |
<input type="radio" name="deactivate_plugin" value="<?php echo $deactivate_reasons; ?>"
|
| 53 |
required>
|
| 54 |
+
<?php echo $deactivate_reasons; ?>
|
| 55 |
+
<?php if($deactivate_reasons == "Conflicts with other plugins"){ ?>
|
| 56 |
+
<div id="other_plugins_installed" style="padding:8px;">
|
| 57 |
+
<?php echo $plugins ; ?>
|
| 58 |
+
</div>
|
| 59 |
+
<?php } ?>
|
| 60 |
+
|
| 61 |
+
</label>
|
| 62 |
</div>
|
| 63 |
|
| 64 |
|
| 65 |
<?php } ?>
|
| 66 |
<br>
|
|
|
|
| 67 |
<textarea id="query_feedback" name="query_feedback" rows="4" style="margin-left:2%" cols="50"
|
| 68 |
placeholder="Write your query here"></textarea>
|
| 69 |
|
| 72 |
<div class="mo2f_modal-footer">
|
| 73 |
<input type="submit" name="miniorange_feedback_submit"
|
| 74 |
class="button button-primary button-large" style="float:left" value="Submit"/>
|
| 75 |
+
<input type="button" name="miniorange_feedback_skip"
|
| 76 |
+
class="button button-primary button-large" style="float:right" value="Skip" onclick="document.getElementById('mo2f_feedback_form_close').submit();"/>
|
| 77 |
+
</div>
|
| 78 |
+
<br><br>
|
| 79 |
</div>
|
| 80 |
</form>
|
| 81 |
<form name="f" method="post" action="" id="mo2f_feedback_form_close">
|
| 82 |
+
|
| 83 |
<input type="hidden" name="option" value="mo2f_skip_feedback"/>
|
| 84 |
</form>
|
|
|
|
|
|
|
|
|
|
|
|
|
| 85 |
</div>
|
| 86 |
|
| 87 |
</div>
|
| 88 |
|
| 89 |
<script>
|
| 90 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 91 |
function handledeactivateplugin(){
|
| 92 |
jQuery('#mo2f_feedback_form_close').submit();
|
| 93 |
}
|
| 94 |
|
| 95 |
+
jQuery('#other_plugins_installed').hide();
|
| 96 |
+
|
| 97 |
jQuery('a[aria-label="Deactivate miniOrange 2 Factor Authentication"]').click(function () {
|
| 98 |
// Get the mo2f_modal
|
| 99 |
<?php if(! get_option( 'mo2f_feedback_form' )){ ?>
|
| 111 |
var reason = jQuery(this).val();
|
| 112 |
jQuery('#query_feedback').removeAttr('required');
|
| 113 |
if (reason == "Did not want to create an account") {
|
| 114 |
+
jQuery('#other_plugins_installed').hide();
|
| 115 |
jQuery('#query_feedback').attr("placeholder", "Write your query here.");
|
| 116 |
jQuery('#link_id').html('<p style="background-color:#a3e8c2;padding:5px;">We have another 2FA plugin for Wordpress that is entirely on-premise. You can manage all your data within the plugin' +
|
| 117 |
', without the need of creating an account with miniOrange. To get the plugin, ' +
|
| 118 |
'<a href="<?php echo $install_link?>" target="_blank" onclick="handledeactivateplugin()"><b>CLICK HERE.</b></a></p>');
|
| 119 |
jQuery('#link_id').show();
|
| 120 |
}else if (reason == "Upgrading to Premium") {
|
| 121 |
+
jQuery('#other_plugins_installed').hide();
|
| 122 |
jQuery('#query_feedback').attr("placeholder", "Write your query here.");
|
| 123 |
jQuery('#link_id').html('<p style="background-color:#a3e8c2;padding:5px;">Thanks for upgrading. For setup instructions, please follow this guide' +
|
| 124 |
', <a href="<?php echo $setup_guide_link?>" download><b>DOWNLOAD GUIDE.</b></a></p>');
|
| 125 |
jQuery('#link_id').show();
|
| 126 |
}else if (reason == "Conflicts with other plugins") {
|
| 127 |
jQuery('#query_feedback').attr("placeholder", "Can you please mention the plugin name, and the issue?");
|
| 128 |
+
jQuery('#other_plugins_installed').show();
|
| 129 |
jQuery('#link_id').hide();
|
| 130 |
}else if (reason == "Other Reasons:") {
|
| 131 |
+
jQuery('#other_plugins_installed').hide();
|
| 132 |
jQuery('#query_feedback').attr("placeholder", "Can you let us know the reason for deactivation");
|
| 133 |
jQuery('#query_feedback').prop('required', true);
|
| 134 |
jQuery('#link_id').hide();
|
| 135 |
}else{
|
| 136 |
+
jQuery('#other_plugins_installed').hide();
|
| 137 |
jQuery('#query_feedback').attr("placeholder", "Write your query here.");
|
| 138 |
jQuery('#link_id').hide();
|
| 139 |
}
|
views/test_2fa_notification.php
ADDED
|
@@ -0,0 +1,37 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
<?php
|
| 2 |
+
|
| 3 |
+
function mo2f_display_test_2fa_notification( $user ) {
|
| 4 |
+
global $Mo2fdbQueries;
|
| 5 |
+
$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
| 6 |
+
|
| 7 |
+
?>
|
| 8 |
+
<!DOCTYPE html>
|
| 9 |
+
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
|
| 10 |
+
<div id="twoFAtestAlertModal" class="mo2f_modal mo2f_modal_inner fade" role="dialog">
|
| 11 |
+
<div class="mo2f_modal-dialog">
|
| 12 |
+
<!-- Modal content-->
|
| 13 |
+
<div class="login mo_customer_validation-modal-content" style="width:660px !important;">
|
| 14 |
+
<div class="mo2f_modal-header">
|
| 15 |
+
<button type="button" class="mo2f_close" data-dismiss="modal">×</button>
|
| 16 |
+
<h2 class="mo2f_modal-title" style="font-family: Roboto,Helvetica,Arial,sans-serif;">2FA Setup Successful.</h2>
|
| 17 |
+
</div>
|
| 18 |
+
<div class="mo2f_modal-body">
|
| 19 |
+
<p style="font-size:14px;"><b><?php echo $mo2f_configured_2FA_method; ?> </b> has been set as your 2-factor authentication method.
|
| 20 |
+
<br><br>Please test the login flow once with 2nd factor in another browser or in an incognito window of the
|
| 21 |
+
same browser to ensure you don't get locked out of your site.</p>
|
| 22 |
+
</div>
|
| 23 |
+
<div class="mo2f_modal-footer">
|
| 24 |
+
<button type="button" class="button button-primary" data-dismiss="modal">Got it!</button>
|
| 25 |
+
</div>
|
| 26 |
+
</div>
|
| 27 |
+
</div>
|
| 28 |
+
</div>
|
| 29 |
+
|
| 30 |
+
<script>
|
| 31 |
+
jQuery(function () {
|
| 32 |
+
jQuery('#twoFAtestAlertModal').modal('toggle');
|
| 33 |
+
});
|
| 34 |
+
</script>
|
| 35 |
+
|
| 36 |
+
<?php }
|
| 37 |
+
?>
|
