PluginProbe ʕ •ᴥ•ʔ
WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager / 2.1.10
WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager v2.1.10
2.3.6 trunk 1.1 1.2 1.3 1.3.1 1.3.2 1.3.3 1.4 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.5.0 1.6.0 1.6.1 1.6.2 2.0.0 2.0.1 2.0.10 2.0.11 2.0.12 2.0.13 2.0.13.1 2.0.2 2.0.3 2.0.4 2.0.4.1 2.0.4.2 2.0.4.3 2.0.4.4 2.0.5 2.0.6 2.0.7 2.0.8 2.0.8.1 2.0.9 2.1.0 2.1.1 2.1.10 2.1.11 2.1.12 2.1.13 2.1.14 2.1.2 2.1.3 2.1.3.1 2.1.4 2.1.4.1 2.1.5 2.1.6 2.1.7 2.1.8 2.1.9 2.2.0 2.2.1 2.2.2 2.2.3 2.2.3.1 2.2.4 2.2.4.1 2.2.5 2.2.6 2.2.7 2.2.8 2.2.9 2.3.0 2.3.1 2.3.2 2.3.2.1 2.3.3 2.3.4 2.3.5
insert-headers-and-footers / includes / class-wpcode-library-auth.php
insert-headers-and-footers / includes Last commit date
admin 2 years ago auto-insert 2 years ago conditional-logic 2 years ago execute 2 years ago generator 2 years ago lite 2 years ago capabilities.php 2 years ago class-wpcode-admin-bar-info.php 2 years ago class-wpcode-auto-insert.php 2 years ago class-wpcode-capabilities.php 3 years ago class-wpcode-conditional-logic.php 2 years ago class-wpcode-error.php 2 years ago class-wpcode-file-cache.php 2 years ago class-wpcode-file-logger.php 3 years ago class-wpcode-generator.php 3 years ago class-wpcode-install.php 2 years ago class-wpcode-library-auth.php 2 years ago class-wpcode-library.php 2 years ago class-wpcode-settings.php 2 years ago class-wpcode-smart-tags.php 3 years ago class-wpcode-snippet-cache.php 2 years ago class-wpcode-snippet-execute.php 2 years ago class-wpcode-snippet.php 2 years ago compat.php 2 years ago global-output.php 2 years ago helpers.php 2 years ago icons.php 2 years ago ihaf.php 3 years ago legacy.php 3 years ago pluggable.php 2 years ago post-type.php 2 years ago safe-mode.php 2 years ago shortcode.php 2 years ago
class-wpcode-library-auth.php
245 lines
1 <?php
2 /**
3 * Class for handling the WPCode library authentication.
4 *
5 * @package WPCode
6 */
7
8 /**
9 * Class WPCode_Library_Auth.
10 */
11 class WPCode_Library_Auth {
12 /**
13 * The base api URL.
14 *
15 * @var string
16 */
17 public $library_url = 'https://library.wpcode.com';
18
19 /**
20 * Is the current plugin authenticated with the WPCode Library?
21 *
22 * @var bool
23 */
24 private $has_auth;
25
26 /**
27 * The api key used for authenticated requests to the library.
28 *
29 * @var string
30 */
31 private $auth_key;
32
33 /**
34 * The auth data from the db.
35 *
36 * @var array
37 */
38 private $auth_data;
39
40 /**
41 * Library auth constructor.
42 */
43 public function __construct() {
44 add_action( 'wp_ajax_wpcode_library_store_auth', array( $this, 'store_auth_key' ) );
45 add_action( 'wp_ajax_wpcode_library_delete_auth', array( $this, 'delete_auth' ) );
46 }
47
48 /**
49 * Ajax handler that returns the auth url used to start the Connect process.
50 *
51 * @return string
52 */
53 public function auth_url() {
54
55 if ( $this->has_auth() ) {
56 return '';
57 }
58
59 $site_name = get_bloginfo( 'name' );
60 if ( empty( $site_name ) ) {
61 $site_name = __( 'Your WordPress Site', 'insert-headers-and-footers' );
62 }
63
64 // This is needed, so we don't run into issues with special characters.
65 // Base64 encode without padding for better compatibility between PHP versions.
66 $site_name = rtrim( strtr( base64_encode( $site_name ), '+/', '-_' ), '=' );
67
68 $auth_url = add_query_arg(
69 array(
70 'site' => $site_name,
71 'version' => WPCODE_VERSION,
72 ),
73 $this->get_api_url( 'connect' )
74 );
75
76 return $auth_url;
77 }
78
79 /**
80 * Get the full URL to an API endpoint by passing the path.
81 *
82 * @param string $path The path for the API endpoint.
83 *
84 * @return string
85 */
86 public function get_api_url( $path ) {
87 return trailingslashit( $this->library_url ) . 'api/' . $path;
88 }
89
90 /**
91 * Ajax handler to save the auth API key.
92 *
93 * @return void
94 */
95 public function store_auth_key() {
96 check_ajax_referer( 'wpcode_admin' );
97
98 if ( ! current_user_can( 'wpcode_activate_snippets' ) ) {
99 wp_send_json_error( esc_html__( 'You do not have permissions to connect WPCode to the library.', 'insert-headers-and-footers' ) );
100 }
101
102 $key = ! empty( $_POST['key'] ) ? sanitize_key( $_POST['key'] ) : false;
103 $username = ! empty( $_POST['username'] ) ? sanitize_user( wp_unslash( $_POST['username'] ) ) : false;
104 $origin = ! empty( $_POST['origin'] ) ? esc_url_raw( wp_unslash( $_POST['origin'] ) ) : false;
105 $deploy_snippet_id = ! empty( $_POST['deploy_snippet_id'] ) ? sanitize_key( $_POST['deploy_snippet_id'] ) : false;
106
107 if ( ! $key || $this->library_url !== $origin ) {
108 wp_send_json_error();
109 }
110
111 $this->save_auth_data( $key, $username );
112
113 if ( ! empty( $deploy_snippet_id ) ) {
114 // If we have a snippet id from the deployment process, set that as a transient to show a notice, so they can pick up where they started.
115 set_transient( 'wpcode_deploy_snippet_id', $deploy_snippet_id, HOUR_IN_SECONDS );
116 }
117
118 // Reset the auth data.
119 unset( $this->auth_data );
120 unset( $this->auth_key );
121 unset( $this->has_auth );
122
123 do_action( 'wpcode_library_api_auth_connected' );
124
125 wp_send_json_success(
126 array(
127 'title' => __( 'Authentication successfully completed', 'insert-headers-and-footers' ),
128 'text' => __( 'Reloading page, please wait.', 'insert-headers-and-footers' ),
129 )
130 );
131 }
132
133 /**
134 * Save the auth data to the db.
135 *
136 * @param string $key The auth key.
137 * @param string $username The username.
138 *
139 * @return void
140 */
141 public function save_auth_data( $key, $username ) {
142 // Don't autoload this as we'll only need it on some pages and in specific requests.
143 update_option(
144 'wpcode_library_api_auth',
145 array(
146 'key' => $key,
147 'username' => $username,
148 'connected_at' => time(),
149 ),
150 false
151 );
152 }
153
154 /**
155 * Ajax handler to delete the auth data and disconnect the site from the WPCode Library.
156 *
157 * @return void
158 */
159 public function delete_auth() {
160 check_ajax_referer( 'wpcode_admin' );
161
162 if ( ! current_user_can( 'wpcode_activate_snippets' ) ) {
163 wp_send_json_error( esc_html__( 'You do not have permissions to connect WPCode to the library.', 'insert-headers-and-footers' ) );
164 }
165
166 if ( $this->delete_auth_data() ) {
167 do_action( 'wpcode_library_api_auth_deleted' );
168 wp_send_json_success();
169 }
170
171 wp_send_json_error();
172 }
173
174 /**
175 * Delete the auth data from the db.
176 *
177 * @return bool
178 */
179 public function delete_auth_data() {
180 return delete_option( 'wpcode_library_api_auth' );
181 }
182
183 /**
184 * Check if the site is authenticated.
185 *
186 * @return bool
187 */
188 public function has_auth() {
189 if ( ! isset( $this->has_auth ) ) {
190 $auth_key = $this->get_auth_key();
191
192 $this->has_auth = ! empty( $auth_key );
193 }
194
195 return $this->has_auth;
196 }
197
198 /**
199 * The auth key.
200 *
201 * @return bool|string
202 */
203 public function get_auth_key() {
204 if ( ! isset( $this->auth_key ) ) {
205 $data = $this->get_auth_data();
206 $this->auth_key = isset( $data['key'] ) ? $data['key'] : false;
207 }
208
209 return $this->auth_key;
210 }
211
212 /**
213 * Get the auth data from the db.
214 *
215 * @return array|bool
216 */
217 public function get_auth_data() {
218 if ( ! isset( $this->auth_data ) ) {
219 $this->auth_data = $this->load_auth_data();
220 }
221
222 return $this->auth_data;
223 }
224
225 /**
226 * Get the auth data from the db.
227 *
228 * @return array|bool
229 */
230 public function load_auth_data() {
231 return get_option( 'wpcode_library_api_auth', false );
232 }
233
234 /**
235 * The auth username.
236 *
237 * @return bool|string
238 */
239 public function get_auth_username() {
240 $data = $this->get_auth_data();
241
242 return isset( $data['username'] ) ? $data['username'] : false;
243 }
244 }
245