PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 1.4.1
WP 2FA – Two-factor authentication for WordPress v1.4.1
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / UserNotices.php
wp-2fa / includes / classes / Admin Last commit date
SettingsPage.php 5 years ago SetupWizard.php 5 years ago UserNotices.php 5 years ago UserProfile.php 5 years ago UserRegistered.php 5 years ago
UserNotices.php
162 lines
1 <?php // phpcs:ignore
2
3 namespace WP2FA\Admin;
4
5 use \WP2FA\WP2FA as WP2FA;
6 use \WP2FA\Authenticator\Authentication as Authentication;
7
8 /**
9 * UserNotices - Class for displaying notices to our users.
10 */
11 class UserNotices {
12
13 /**
14 * Lets set things up
15 */
16 public function __construct() {
17 if ( ! empty( WP2FA::get_wp2fa_setting( 'enforcment-policy' ) ) ) {
18 // Check we are supposed to, before adding action to show nag.
19 if ( 'all-users' === WP2FA::get_wp2fa_setting( 'enforcment-policy' ) || 'certain-roles-only' === WP2FA::get_wp2fa_setting( 'enforcment-policy' ) || 'certain-users-only' === WP2FA::get_wp2fa_setting( 'enforcment-policy' ) ) {
20 add_action( 'admin_notices', array( $this, 'user_setup_2fa_nag' ) );
21 add_action( 'network_admin_notices', array( $this, 'user_setup_2fa_nag' ) );
22 } elseif ( 'do-not-enforce' === WP2FA::get_wp2fa_setting( 'enforcment-policy' ) ) {
23 add_action( 'admin_notices', array( $this, 'user_reconfigure_2fa_nag' ) );
24 add_action( 'network_admin_notices', array( $this, 'user_setup_2fa_nag' ) );
25 }
26 }
27 }
28
29 /**
30 * The nag content
31 */
32 public function user_setup_2fa_nag( $is_shortcode = '', $configure_2fa_url = '' ) {
33
34 $user = wp_get_current_user();
35
36 if ( isset( $_GET['user_id'] ) ) {
37 $current_profile_user_id = (int) $_GET['user_id'];
38 } elseif ( ! empty( $user ) ) {
39 $current_profile_user_id = $user->ID;
40 } else {
41 $current_profile_user_id = false;
42 }
43
44 if ( ! $current_profile_user_id || isset( $_GET['user_id'] ) && $_GET['user_id'] !== $user->ID || get_user_meta( $user->ID, 'wp_2fa_user_enforced_instantly', true ) ) {
45 return;
46 }
47
48 $class = 'notice notice-info wp-2fa-nag';
49 $grace_expiry = get_user_meta( $user->ID, 'wp_2fa_grace_period_expiry', true );
50 $reconfigure_2fa = get_user_meta( $user->ID, 'wp_2fa_user_needs_to_reconfigure_2fa', true );
51 if ( $reconfigure_2fa ) {
52 $message = esc_html__( 'The 2FA method you were using is no longer allowed on this website. Please reconfigure 2FA using one of the supported methods within', 'wp-2fa' );
53 } else {
54 $message = esc_html__( 'This website’s administrator requires you to enable 2FA authentication within', 'wp-2fa' );
55 }
56
57 $is_nag_dismissed = get_user_meta( $user->ID, 'wp_2fa_update_nag_dismissed', true );
58 $is_nag_needed = Authentication::is_user_eligible_for_2fa( $user->ID );
59 $is_user_excluded = WP2FA::is_user_excluded( $user->ID );
60 $enabled_methods = get_user_meta( $user->ID, 'wp_2fa_enabled_methods', true );
61
62 // Swap URLS depending on the context of this notice's display.
63 if ( isset( $is_shortcode ) && 'output_shortcode' === $is_shortcode ) {
64 if ( ! empty( $configure_2fa_url ) ) {
65 $setup_url = $configure_2fa_url;
66 } else {
67 if ( ! empty( WP2FA::get_wp2fa_setting( 'custom-user-page-id' ) ) ) {
68 $new_page_id = WP2FA::get_wp2fa_setting( 'custom-user-page-id' );
69 $new_page_permalink = get_permalink( $new_page_id );
70 if ( $new_page_permalink ) {
71 $setup_url = $new_page_permalink;
72 } else {
73 $setup_url = admin_url( 'options-general.php?page=wp-2fa-setup&current-step=choose_2fa_method&first_time_setup=true' );
74 }
75 } else {
76 $setup_url = admin_url( 'options-general.php?page=wp-2fa-setup&current-step=choose_2fa_method&first_time_setup=true' );
77 }
78 }
79 } else {
80 if ( is_admin() ) {
81 if ( ! empty( WP2FA::get_wp2fa_setting( 'custom-user-page-id' ) ) ) {
82 $new_page_id = WP2FA::get_wp2fa_setting( 'custom-user-page-id' );
83 $new_page_permalink = get_permalink( $new_page_id );
84 if ( $new_page_permalink ) {
85 $setup_url = $new_page_permalink;
86 } else {
87 $setup_url = admin_url( 'options-general.php?page=wp-2fa-setup&current-step=choose_2fa_method&first_time_setup=true' );
88 }
89 } else {
90 $setup_url = admin_url( 'options-general.php?page=wp-2fa-setup&current-step=choose_2fa_method&first_time_setup=true' );
91 }
92 } else {
93 $setup_url = '#open-2fa-wizard';
94 }
95 }
96
97 // If the nag has not already been dismissed, and of course if the user is eligible, lets show them something.
98 if ( ! $is_nag_dismissed && $is_nag_needed && empty( $enabled_methods ) && ! $is_user_excluded && ! empty( $grace_expiry ) ) {
99 printf(
100 '<div class="%1$s"><p>%2$s <span class="grace-period-countdown" data-countdown-timestamp="%3$s"></span> <a href="%4$s" class="button button-primary">%5$s</a> <a href="#" class="button button-secondary dismiss-user-configure-nag">%6$s</a></p></div>',
101 esc_attr( $class ),
102 esc_html( $message ),
103 esc_attr( $grace_expiry ),
104 esc_url( $setup_url ),
105 esc_html__( 'Configure 2FA now', 'wp-2fa' ),
106 esc_html__( 'Remind me on next login', 'wp-2fa' )
107 );
108 }
109 }
110
111 /**
112 * The nag content
113 */
114 public function user_reconfigure_2fa_nag() {
115 $class = 'notice notice-info wp-2fa-nag';
116 $grace_period = WP2FA::get_wp2fa_setting( 'grace-period-expiry-time' );
117 $user = wp_get_current_user();
118 $reconfigure_2fa = get_user_meta( $user->ID, 'wp_2fa_user_needs_to_reconfigure_2fa', true );
119
120 $message = esc_html__( 'The 2FA method you were using is no longer allowed on this website. Please reconfigure 2FA using one of the supported methods.', 'wp-2fa' );
121
122 $enabled_methods = get_user_meta( $user->ID, 'wp_2fa_enabled_methods', true );
123 // If the nag has not already been dismissed, and of course if the user is eligible, lets show them something.
124 if ( ! empty( $reconfigure_2fa ) && empty( $enabled_methods ) ) {
125 printf(
126 '<div class="%1$s"><p>%2$s <a href="%4$s" class="button button-primary">%5$s</a> <a href="#" class="button button-secondary dismiss-user-reconfigure-nag">%6$s</a></p></div>',
127 esc_attr( $class ),
128 esc_html( $message ),
129 esc_attr( $grace_period ),
130 esc_url( admin_url( 'options-general.php?page=wp-2fa-setup&current-step=choose_2fa_method&first_time_setup=true' ) ),
131 esc_html__( 'Configure 2FA now', 'wp-2fa' ),
132 esc_html__( 'I\'ll do it later', 'wp-2fa' )
133 );
134 }
135 }
136
137 /**
138 * Dismiss notice and setup a user meta value so we know its been dismissed
139 */
140 public function dismiss_nag() {
141 $user = wp_get_current_user();
142 $updated = update_user_meta( $user->ID, 'wp_2fa_update_nag_dismissed', true );
143 }
144
145 /**
146 * Dismiss reconfigure nag
147 */
148 public function dismiss_reconfigure_nag() {
149 $user = wp_get_current_user();
150 $updated = delete_user_meta( $user->ID, 'wp_2fa_user_needs_to_reconfigure_2fa' );
151 }
152
153 /**
154 * Reset the nag when the user logs out, so they get it again next time.
155 */
156 public function reset_nag() {
157 $user = wp_get_current_user();
158 $deleted = delete_user_meta( $user->ID, 'wp_2fa_update_nag_dismissed' );
159 }
160
161 }
162