PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.9.0
WP 2FA – Two-factor authentication for WordPress v2.9.0
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / Methods / Traits / class-login-attempts.php
wp-2fa / includes / classes / Admin / Methods / Traits Last commit date
class-login-attempts.php 11 months ago class-methods-wizards-trait.php 11 months ago index.php 11 months ago
class-login-attempts.php
146 lines
1 <?php
2 /**
3 * Responsible for the plugin login attempts
4 *
5 * @package wp2fa
6 * @subpackage traits
7 * @copyright 2025 Melapress
8 * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
9 * @link https://wordpress.org/plugins/wp-2fa/
10 */
11
12 namespace WP2FA\Admin\Methods\Traits;
13
14 use WP2FA\Admin\Helpers\User_Helper;
15
16 defined( 'ABSPATH' ) || exit; // Exit if accessed directly.
17
18 /**
19 * Responsible for the login attempts
20 *
21 * @since 2.4.1
22 */
23 trait Login_Attempts {
24
25 /**
26 * Holds the number of allowed attempts to login
27 *
28 * @var integer
29 *
30 * @since 2.4.1
31 */
32 private static $number_of_allowed_attempts = 3;
33
34 /**
35 * Increasing login attempts for User
36 *
37 * @since 2.4.1
38 *
39 * @param \WP_User $user - the WP User.
40 *
41 * @return void
42 */
43 public static function increase_login_attempts( \WP_User $user ) {
44 $attempts = self::get_login_attempts( $user );
45 if ( '' === $attempts ) {
46 $attempts = 0;
47 }
48 User_Helper::set_meta( self::$logging_attempts_meta_key, ++$attempts, $user );
49 }
50
51 /**
52 * Returns the number of unsuccessful attempts for the User
53 *
54 * @since 2.4.1
55 *
56 * @param \WP_User $user - the WP User.
57 *
58 * @return integer
59 */
60 public static function get_login_attempts( \WP_User $user ): int {
61 return (int) User_Helper::get_meta( self::$logging_attempts_meta_key, $user );
62 }
63
64 /**
65 * Clearing login attempts for User
66 *
67 * @since 2.4.1
68 *
69 * @param \WP_User $user - the WP User.
70 *
71 * @return void
72 */
73 public static function clear_login_attempts( \WP_User $user ) {
74 User_Helper::remove_meta( self::$logging_attempts_meta_key, $user );
75 }
76
77 /**
78 * Returns the number of allowed login attempts
79 *
80 * @return integer
81 *
82 * @since 2.4.1
83 */
84 public static function get_allowed_login_attempts(): int {
85 return self::$number_of_allowed_attempts;
86 }
87
88 /**
89 * Sets the number of allowed attempts
90 *
91 * @param integer $number - The number of the allowed attempts.
92 *
93 * @return integer
94 *
95 * @since 2.4.1
96 */
97 public static function set_number_of_login_attempts( int $number ): int {
98 self::$number_of_allowed_attempts = absint( $number );
99
100 return self::$number_of_allowed_attempts;
101 }
102
103 /**
104 * Returns the name of the meta key holding the login attempts for the user
105 *
106 * @return string
107 *
108 * @since 2.4.1
109 */
110 public static function get_meta_key(): string {
111 return sanitize_key( self::$logging_attempts_meta_key );
112 }
113
114 /**
115 * Sets the login attempts meta key
116 *
117 * @param string $logging_attempts_meta_key - The name of the meta.
118 *
119 * @return string
120 *
121 * @since 2.4.1
122 */
123 public static function set_meta_key( string $logging_attempts_meta_key ): string {
124 self::$logging_attempts_meta_key = sanitize_key( $logging_attempts_meta_key );
125
126 return self::$logging_attempts_meta_key;
127 }
128
129 /**
130 * Checks the number of login attempts
131 *
132 * @param \WP_User $user - The user we have to check for.
133 *
134 * @return boolean
135 *
136 * @since 2.4.1
137 */
138 public static function check_number_of_attempts( \WP_User $user ): bool {
139 if ( self::get_allowed_login_attempts() < self::get_login_attempts( $user ) ) {
140 return false;
141 }
142
143 return true;
144 }
145 }
146