Changeset 1968173
- Timestamp:
- 11/03/2018 09:36:43 AM (7 years ago)
- Location:
- byepass/trunk
- Files:
-
- 2 edited
-
byepass.php (modified) (7 diffs)
-
custom.js (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
byepass/trunk/byepass.php
r1966060 r1968173 5 5 Description: A plugin to enables passwordless login to Wordpress using Byepass. 6 6 Author URI: https://byepass.co/ 7 Domain Path: /languages 8 Text Domain: byepass 7 9 Version: 1.0.0 8 10 */ 9 11 12 // don't load the plugin file directly 13 if ( ! defined( 'ABSPATH' ) ) exit; 10 14 11 15 class byepass_plugin { 12 16 13 17 public function __construct() { 14 15 add_action( 'admin_init', array($this, 'register_mysettings') ); 16 add_action( 'admin_menu', array($this, 'byepass_info_menu') ); 17 18 //add_action('admin_init', 'registerByepass'); 19 18 19 add_action( 'admin_init', array( $this, 'register_mysettings' ) ); 20 add_action( 'admin_menu', array( $this, 'byepass_info_menu' ) ); 21 22 // Handle localisation 23 add_action( 'plugins_loaded', array( $this, 'i18n' ), 0 ); 24 20 25 //only show our login form if we have a key alredy 21 26 if (get_option('byepass_key') and strlen(get_option('byepass_key')) >= 32) { 22 27 add_action('login_head', array($this, 'byepass_login')); 28 } else { 29 add_action( 'admin_notices', array( $this, 'byepass_register_notice' ) ); 23 30 } 24 31 25 32 } 26 33 34 public function byepass_register_notice() { 35 ?> 36 <div class="notice notice-success is-dismissible"> 37 <p><a href="<?php echo admin_url('options-general.php?page=byepass'); ?>"><?php _e( 'Get API Keys for Byepass here to enable passwordless login!', 'byepass' ); ?></a></p> 38 </div> 39 <?php 40 } 41 27 42 public function register_mysettings() { 28 register_setting( 'byepass-settings', 'byepass_email' ); 43 register_setting( 'byepass-settings', 'byepass_email' ); 29 44 register_setting( 'byepass-settings', 'byepass_key' ); 30 45 register_setting( 'byepass-settings', 'byepass_secret' ); 31 46 } 32 33 public function byepass_info_menu() { 34 35 $page_title = 'Byepass Login'; 36 $menu_title = 'Byepass Login'; 37 $capability = 'manage_options'; 38 $menu_slug = 'byepass-setup'; 39 $function = 'byepass_info_page'; 40 $icon_url = 'dashicons-media-code'; 41 $position = 4; 42 43 add_menu_page( $page_title, 44 $menu_title, 45 $capability, 46 $menu_slug, 47 array($this, $function), 48 $icon_url, 49 $position ); 50 51 } 52 47 48 49 // Register submenu 50 public function byepass_info_menu() { 51 add_submenu_page( 52 'options-general.php', 53 __( 'Byepass Login', 'byepass' ), 54 __( 'Byepass Login', 'byepass' ), 55 'manage_options', 56 'byepass', 57 array( $this, 'byepass_info_page' ) 58 ); 59 } 60 53 61 54 62 … … 61 69 } 62 70 } 63 71 64 72 return $url; 65 73 } … … 68 76 69 77 public function update_byepass_info($email,$callback) { 70 78 71 79 $email = sanitize_email($email); 72 80 $callback = esc_url_raw($callback); 73 74 if (!is_email($email)) { echo "bad email"; die; } 75 if (!wp_http_validate_url($callback)) { echo "bad url"; die; } 76 77 $ur = 81 82 if (!is_email($email)) { echo "bad email"; die; } 83 if (!wp_http_validate_url($callback)) { echo "bad url"; die; } 84 85 $ur = 78 86 "https://byepass.co/api/enroll/". 79 87 "?platform=wordpress&version=".get_bloginfo( 'version' ). 80 88 "&redirect=".addslashes($callback). 81 89 "&identifier=".$email; 82 90 83 91 $data = $this->byepass_get_url($ur, 5); 84 92 85 93 if ($data) { 86 94 $json = json_decode($data); … … 90 98 update_option( 'byepass_secret', $json->secret ); 91 99 92 add_action('login_head', array($this, 'byepass_login')); 100 remove_action( 'admin_notices', array( $this, 'byepass_register_notice' ) ); 101 102 add_action('login_head', array($this, 'byepass_login')); 93 103 94 104 } 95 105 } 96 97 } 98 99 100 101 public function byepass_info_page() { 102 $current_user = wp_get_current_user(); 106 107 } 108 109 110 111 public function byepass_info_page() { 112 $current_user = wp_get_current_user(); 103 113 if (isset($_POST['byepass_email']) and isset($_POST['byepass_callback'])) { 104 114 $this->update_byepass_info($_POST['byepass_email'],$_POST['byepass_callback']); 105 } 115 } else if (isset($_POST['byepass_reset']) and $_POST['byepass_reset'] == 1) { 116 update_option( 'byepass_email', NULL ); 117 update_option( 'byepass_key', NULL ); 118 update_option( 'byepass_secret', NULL ); 119 120 add_action( 'admin_notices', array( $this, 'byepass_register_notice' ) ); 121 } 106 122 ?> 107 <h1>Byepass - Passwordless Logins</h1> 108 <form method="post" action="#"> 109 110 <table class="form-table"> 111 <?php if (strpos(get_option('byepass_email'),"@") and strlen(get_option('byepass_key')) >= 32 and strlen(get_option('byepass_secret')) >= 32) { ?> 112 <tr valign="top"><td>Byepass is configured!</td></tr> 113 <tr valign="top"><td>To login use your Wordpress email: <?php echo sanitize_email(get_option('byepass_email')); ?>!</td></tr> 114 <tr valign="top"><td><a href="https://byepass.co" target="_blank">Login to Byepass.co to check stats</a></td></tr> 115 <tr valign="top"> 116 <th scope="row">Your email (registered with Byepass):</th> 117 <td><input type="text" name="email" value="<?php echo sanitize_email(get_option('byepass_email')); ?>" disabled="disabled"/></td> 118 </tr> 119 <tr valign="top"> 120 <th scope="row">Key:</th> 121 <td><input type="text" name="" value="<?php echo sanitize_text_field(get_option('byepass_key')); ?>" disabled="disabled"/></td> 122 </tr> 123 <tr valign="top"> 124 <th scope="row">Secret:</th> 125 <td><input type="text" name="" value="<?php echo sanitize_text_field(get_option('byepass_secret')); ?>" disabled="disabled"/></td> 126 </tr> 127 </table> 128 <?php } else { ?> 129 <tr valign="top"><th>Let's get your API keys!</th></tr> 130 <tr valign="top"> 131 <th scope="row">Your email (registered with Byepass):</th> 132 <td><input type="text" name="byepass_email" value="<?php echo $current_user->user_email; ?>"/></td> 133 </tr> 134 <tr valign="top"> 135 <th scope="row">Redirect URL (Don't change unless you know what you are doing.</th> 136 <td><input type="text" name="byepass_callback" value="<?php echo site_url()."/wp-login.php"; ?>"/></td> 137 </tr> 138 </table> 139 <?php submit_button("Get API Keys"); ?> 140 <?php } ?> 141 142 </form> 123 124 <h1><?php _e( 'Byepass - Passwordless Logins', 'byepass' ); ?></h1> 125 126 <form method="post" action="#"> 127 128 <table class="form-table"> 129 <?php if (strpos(get_option('byepass_email'),"@") and strlen(get_option('byepass_key')) >= 32 and strlen(get_option('byepass_secret')) >= 32) { ?> 130 131 <tr valign="top"><td><?php _e( 'Byepass is configured!', 'byepass' ); ?></td></tr> 132 133 <tr valign="top"><td> 134 <?php 135 /* translators: prints email address, keep space after colon */ 136 printf( 137 __( 'To login use your Wordpress email: ', 'byepass' ), 138 sanitize_email( get_option( 'byepass_email' ) ) 139 ); 140 ?> 141 </td></tr> 142 143 <tr valign="top"><td> 144 <a href="https://byepass.co" target="_blank"><?php _e( 'Login to Byepass.co to check stats', 'byepass' ); ?></a> 145 </td></tr> 146 147 <tr valign="top"> 148 <th scope="row"><?php _e( 'Your email (registered with Byepass):', 'byepass' ); ?></th> 149 <td><input type="text" name="" value="<?php echo sanitize_email(get_option('byepass_email')); ?>" disabled="disabled"/></td> 150 </tr> 151 152 <tr valign="top"> 153 <th scope="row"><?php _e( 'Key:', 'byepass' ); ?></th> 154 <td><input type="text" name="" value="<?php echo sanitize_text_field(get_option('byepass_key')); ?>" disabled="disabled"/></td> 155 </tr> 156 157 <tr valign="top"> 158 <th scope="row"><?php _e( 'Secret:', 'byepass' ); ?></th> 159 <td><input type="text" name="" value="<?php echo sanitize_text_field(get_option('byepass_secret')); ?>" disabled="disabled"/></td> 160 </tr> 161 <input type="hidden" name="byepass_reset" value="1"> 162 <?php submit_button( __( 'Reset/Clear Settings', 'byepass' ) ); ?> 163 164 <?php } else { ?> 165 166 <tr valign="top"><th><?php _e( 'Let\'s get your API keys!', 'byepass' ); ?></th></tr> 167 168 <tr valign="top"> 169 <th scope="row"><?php _e( 'Your email (registered with Byepass):', 'byepass' ); ?></th> 170 <td><input type="text" name="byepass_email" value="<?php echo $current_user->user_email; ?>"/></td> 171 </tr> 172 173 <tr valign="top"> 174 <th scope="row"><?php _e( 'Redirect URL (Don\'t change unless you know what you are doing.', 'byepass' ); ?></th> 175 <td><input type="text" name="byepass_callback" value="<?php echo site_url()."/wp-login.php"; ?>"/></td> 176 </tr> 177 <input type="hidden" name="byepass_reset" value="0"> 178 <?php submit_button( __( 'Get API Keys', 'byepass' ) ); ?> 179 180 <?php } ?> 181 182 </table> 183 184 185 186 </form> 187 143 188 <?php 144 189 } 145 190 146 147 191 public function byepass_login() { 148 149 150 $url = site_url() . '/wp-admin'; 151 192 193 194 $url = site_url() . '/wp-admin'; 195 152 196 if (isset($_REQUEST['challengeId'])) { 153 197 154 198 $challengeId = isset($_REQUEST['challengeId']) ? $_REQUEST['challengeId'] : false; 155 199 $oth = isset($_REQUEST['oth']) ? $_REQUEST['oth'] : false; 156 $identifier = isset($_REQUEST['identifier']) ? $_REQUEST['identifier'] : false; 157 200 $identifier = isset($_REQUEST['identifier']) ? $_REQUEST['identifier'] : false; 201 158 202 if ($identifier and $challengeId and $oth) { 159 203 160 204 $challengeId = sanitize_text_field($challengeId); 161 205 $oth = sanitize_text_field($oth); 162 206 $identifier = sanitize_email($identifier); 163 207 164 208 $user = get_user_by('email', $identifier); 165 209 166 210 //ensure user exists as a wordpress user before attempting to login with Byepass 167 if (empty($user->ID)) { 168 echo '<div id="login_error"><strong> Error:</strong>: Invalid email address, please use your Wordpress user email address.</div>';169 211 if (empty($user->ID)) { 212 echo '<div id="login_error"><strong>' . __( 'Error:' , 'byepass' ) . '</strong>: ' . __( 'Invalid email address, please use your Wordpress user email address.', 'byepass' ) .'</div>'; 213 170 214 //user exists let's authenticate with Byepass 171 215 } else { 172 173 $ur = 216 217 $ur = 174 218 "https://byepass.co/api/verify/". 175 219 "?challengeId=$challengeId". … … 178 222 "&key=" . sanitize_text_field(get_option('byepass_key')). 179 223 "&secret=" .sanitize_text_field(get_option("byepass_secret")); 180 224 181 225 $data = $this->byepass_get_url($ur, 5); 182 226 183 227 if ($data === false) { 184 228 // error message 185 echo '<div id="login_error"><strong> Error communicating with Byepass</strong>.</div>';229 echo '<div id="login_error"><strong>' . __( 'Error communicating with Byepass', 'byepass' ) . '</strong>.</div>'; 186 230 exit; 187 231 } else { … … 189 233 if ($json->success and (time() - strtotime($json->challenge_ts) < 300)) { 190 234 $user = get_user_by('email', $identifier); 191 if (!empty($user->ID)) { 235 if (!empty($user->ID)) { 192 236 wp_set_auth_cookie($user->ID, 0); 193 237 if (wp_redirect($url)) { … … 195 239 } 196 240 } else { 197 echo '<div id="login_error"><strong> Error:</strong>: Invalid email address, please use your Wordpress user email address.</div>';241 echo '<div id="login_error"><strong>' . __( 'Error:' , 'byepass' ) . '</strong>: ' . __( 'Invalid email address, please use your Wordpress user email address.', 'byepass' ) . '</div>'; 198 242 } 199 243 } else if ($json->success and (time() - strtotime($json->challenge_ts) > 300)) { 200 echo '<div id="login_error"><strong> Error: authorisation expired, login again</strong></div>';244 echo '<div id="login_error"><strong>' . __( 'Error: authorisation expired, login again', 'byepass' ) . '</strong></div>'; 201 245 } else { 202 echo '<div id="login_error"><strong>Error: ('.esc_html($json->status).')</strong></div>'; 246 /* translators: prints status message */ 247 printf( 248 '<div id="login_error"><strong>' . __( 'Error: (%s)', 'byepass' ) . '</strong></div>', 249 esc_html( $json->status ) 250 ); 203 251 } 204 205 252 253 206 254 } 207 255 } 208 256 } 209 257 } 210 211 212 wp_enqueue_style( 'byepass-custom-css', plugins_url() . '/byepass/style.css', __FILE__ ) ; 213 echo 258 259 260 wp_enqueue_style( 'byepass-custom-css', plugins_url() . '/byepass/style.css', __FILE__ ) ; 261 echo 214 262 '<form method="post" id="bsubmit" style="background:transparent;box-shadow:none;" action="https://byepass.co/redirect" method="post">'. 215 263 '<input type="hidden" name="key" value="' . get_option("byepass_key") . '">'. 216 '<input type="hidden" name="identifier" placeholder=" Email" required="">'.264 '<input type="hidden" name="identifier" placeholder="' . __( 'Email', 'byepass' ) . '" required="">'. 217 265 '</form>'; 218 266 wp_enqueue_script('byepass-custom-script', plugins_url() . '/byepass/custom.js', array('jquery'), null, true); 219 } 220 267 wp_localize_script( 'byepass-i18n', 'objectL10n', array( 268 'submit' => esc_html__( 'Byepass Login', 'byepass' ), 269 'email' => esc_html__( 'Email', 'byepass' ) . '<br><input type="text" name="log" id="user_login" class="input" value="" size="20">' 270 ) ); 271 } 272 273 // Loads the translation file. 274 function i18n() { 275 276 load_plugin_textdomain( 'byepass', false, basename( dirname( __FILE__ ) ) . '/languages/' ); 277 278 } 221 279 222 280 } -
byepass/trunk/custom.js
r1965017 r1968173 6 6 return false; 7 7 }); 8 jQuery('input#wp-submit').val('Byepass Login'); 9 jQuery('label[for="user_login"]').html('Email<br><input type="text" name="log" id="user_login" class="input" value="" size="20">'); 8 jQuery('input#wp-submit').val(objectL10n.submit); 9 jQuery('label[for="user_login"]').html(objectL10n.email); 10 //jQuery('label[for="user_login"]').html('Email<br><input type="text" name="log" id="user_login" class="input" value="" size="20">'); 10 11 jQuery('#login_error').prependTo(jQuery('#login')); 11 12 });
Note: See TracChangeset
for help on using the changeset viewer.