PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.9.2
WP 2FA – Two-factor authentication for WordPress v2.9.2
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / classes / Admin / Views / class-re-login-2fa.php
wp-2fa / includes / classes / Admin / Views Last commit date
class-first-time-wizard-steps.php 11 months ago class-grace-period-notifications.php 11 months ago class-passord-reset-2fa.php 11 months ago class-re-login-2fa.php 11 months ago class-wizard-steps.php 11 months ago index.php 11 months ago
class-re-login-2fa.php
167 lines
1 <?php
2 /**
3 * Roles and main settings user login again after 2FA setup class.
4 *
5 * @package wp2fa
6 * @subpackage views
7 *
8 * @copyright 2025 Melapress
9 * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
10 *
11 * @see https://wordpress.org/plugins/wp-2fa/
12 */
13
14 declare(strict_types=1);
15
16 namespace WP2FA\Admin\Views;
17
18 use WP2FA\Utils\Settings_Utils;
19
20 if ( ! class_exists( '\WP2FA\Admin\Views\Re_Login_2FA' ) ) {
21 /**
22 * Re_Login_2FA - Class for rendering the plugin settings related to 2fa when user sets the 2FA method.
23 *
24 * @since 2.7.0
25 */
26 class Re_Login_2FA {
27 public const RE_LOGIN_SETTINGS_NAME = 're-login-2fa-show';
28
29 public const ENABLED_SETTING_VALUE = 're-login-2fa';
30
31 /**
32 * Inits all the class related hooks.
33 *
34 * @return void
35 *
36 * @since 2.7.0
37 */
38 public static function init() {
39 if ( is_admin() ) {
40 \add_filter( WP_2FA_PREFIX . 'before_grace_period', array( __CLASS__, 're_login_setting' ), 11, 5 );
41 \add_filter( WP_2FA_PREFIX . 'loop_settings', array( __CLASS__, 'add_setting_value' ) );
42 \add_action( 'wp_ajax_custom_ajax_logout', array( __CLASS__, 'redirect_after_logout' ) );
43 }
44 \add_filter( WP_2FA_PREFIX . 'default_settings', array( __CLASS__, 'add_default_settings' ) );
45 }
46
47 /**
48 * Logs out the current user and sends success message to the ajax request.
49 *
50 * @return void
51 *
52 * @since 2.7.0
53 */
54 public static function redirect_after_logout() {
55 \wp_logout();
56 ob_clean(); // probably overkill for this, but good habit.
57 \wp_send_json_success();
58 }
59
60 /**
61 * Shows the settings for the grace period notifications behavior.
62 *
63 * @param string $role - The name of the role.
64 * @param string $name_prefix - Name prefix for the input name, includes the role name if provided.
65 * @param string $data_role - Data attribute - used by the JS.
66 * @param string $role_id - The role name, used to identify the inputs.
67 *
68 * @return string
69 *
70 * @since 2.7.0
71 */
72 public static function reset_settings( string $role = '', string $name_prefix = '', string $data_role = '', string $role_id = '' ) {
73 ob_start();
74
75 $password_reset_action = Settings_Utils::get_setting_role( sanitize_text_field( $role ), self::RE_LOGIN_SETTINGS_NAME, true );
76 ?>
77 <div class="sub-setting-indent">
78 <fieldset>
79 <label for="<?php echo esc_attr( self::ENABLED_SETTING_VALUE . $role_id ); ?>" style="margin-bottom: 10px; display: inline-block;">
80 <input type="checkbox" name="<?php echo esc_attr( $name_prefix . '[' . self::RE_LOGIN_SETTINGS_NAME . ']' ); ?>"
81 id="<?php echo esc_attr( self::ENABLED_SETTING_VALUE . $role_id ); ?>"
82 <?php echo $data_role; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
83 value="<?php echo esc_attr( self::ENABLED_SETTING_VALUE ); ?>" <?php checked( $password_reset_action, self::ENABLED_SETTING_VALUE ); ?> class="js-nested">
84 <span><?php echo esc_html__( 'Log out user after 2FA setup', 'wp-2fa' ); ?></span>
85 </label>
86 </fieldset>
87 </div>
88 <?php
89 $html_content = ob_get_contents();
90 ob_end_clean();
91
92 return $html_content;
93 }
94
95 /**
96 * Adds global plugin setting options.
97 *
98 * @param array $loop_settings - Array with current plugin settings.
99 *
100 * @return array
101 *
102 * @since 2.7.0
103 */
104 public static function add_setting_value( array $loop_settings ) {
105 $loop_settings[] = self::RE_LOGIN_SETTINGS_NAME;
106
107 return $loop_settings;
108 }
109
110 /**
111 * Adds the extension default settings to the main plugin settings.
112 *
113 * @param array $default_settings - array with plugin default settings.
114 *
115 * @return array
116 *
117 * @since 2.7.0
118 */
119 public static function add_default_settings( array $default_settings ) {
120 $default_settings[ self::RE_LOGIN_SETTINGS_NAME ] = self::RE_LOGIN_SETTINGS_NAME;
121
122 return $default_settings;
123 }
124
125 /**
126 * Password reset settings.
127 *
128 * @param string $content - HTML content.
129 * @param string $role - The name of the role.
130 * @param string $name_prefix - Name prefix for the input name, includes the role name if provided.
131 * @param string $data_role - Data attribute - used by the JS.
132 * @param string $role_id - The role name, used to identify the inputs.
133 *
134 * @return string
135 *
136 * @since 2.7.0
137 */
138 public static function re_login_setting( string $content, string $role = '', string $name_prefix = '', string $data_role = '', string $role_id = '' ) {
139 ob_start();
140 ?>
141 <h3><?php \esc_html_e( 'Do you want to logout users after setting up 2FA on their account?', 'wp-2fa' ); ?></h3>
142 <p class="description">
143 <?php \esc_html_e( 'When you enable this setting users will be logged out automatically after configuring 2FA and they will need to log back in.', 'wp-2fa' ); ?>
144 </p>
145
146 <table class="form-table">
147 <tbody>
148 <tr>
149 <th><label for="<?php echo esc_attr( self::ENABLED_SETTING_VALUE . $role_id ); ?>"><?php esc_html_e( 'Re-login', 'wp-2fa' ); ?></label></th>
150 <td>
151 <fieldset class="contains-hidden-inputs">
152 <?php echo self::reset_settings( sanitize_text_field( $role ), sanitize_text_field( $name_prefix ), sanitize_text_field( $data_role ), sanitize_text_field( $role_id ) ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
153 </fieldset>
154 </td>
155 </tr>
156 </tbody>
157 </table>
158 <?php
159
160 $content .= ob_get_contents();
161 ob_end_clean();
162
163 return $content;
164 }
165 }
166 }
167