| + |
diff --git a/class.two-factor-force.php b/class.two-factor-force.php
new file mode 100644
index 00000000..38e6830f
--- /dev/null
+++ b/class.two-factor-force.php
@@ -0,0 +1,506 @@
+ID ) ) {
+ return $redirect_to;
+ };
+
+ // Append redirect_to URL.
+ return add_query_arg(
+ [
+ 'force_2fa_screen' => 1,
+ 'redirect_to' => rawurlencode( $requested_redirect_to ),
+ ],
+ admin_url()
+ );
+ }
+
+ /**
+ * Maybe force the 2fa login page on a user.
+ *
+ * If 2fa is required for a user (based on universal or role settings),
+ * we display the 2-factor options page so that a user must validly enable
+ * a 2-factor authentication of some kind to perform any action on their site.
+ * This occurs both on the front and backend.
+ */
+ public static function maybe_redirect_to_2fa_settings() {
+ if ( ! self::should_user_redirect( get_current_user_id() ) || isset( $_GET['force_2fa_screen'] ) ) {
+ return;
+ }
+
+ // We are now forced to display the two-factor settings page.
+ wp_safe_redirect( add_query_arg(
+ 'force_2fa_screen',
+ 1,
+ admin_url()
+ ) );
+ exit;
+ }
+
+ /**
+ * On front and backend requests, display
+ */
+ public static function maybe_display_2fa_settings() {
+ // phpcs:ignore We are validating that the value exists and are not processing it.
+ if ( ! isset( $_GET['force_2fa_screen'] ) || ! $_GET['force_2fa_screen'] ) {
+ return;
+ }
+
+ if ( ! self::should_user_redirect( get_current_user_id() ) ) {
+ $url = admin_url();
+
+ if ( isset( $_GET['redirect_to'] ) ) {
+ // phpcs:ignore This IS the proper sanitization for URLs.
+ $url = esc_url_raw( urldecode( $_GET['redirect_to'] ) );
+ }
+
+ wp_safe_redirect( $url );
+ exit;
+ }
+
+ self::force_2fa_login_html();
+ exit;
+ }
+
+ /**
+ * Check whether or not a user should be redirected to the force 2fa screen.
+ *
+ * @param int $user_id ID of the user to check against.
+ * @return bool Whether or not user should be forced to 2fa screen.
+ */
+ public static function should_user_redirect( $user_id ) {
+ // This should not affect AJAX or REST requests, carry on.
+ if ( wp_doing_ajax() || ( defined( 'REST_REQUEST' ) && REST_REQUEST ) ) {
+ return false;
+ }
+
+ // Should not interrupt logging in or out.
+ if ( self::is_login_page() ) {
+ return false;
+ }
+
+ // If user is not logged in, they can't 2fa anyway.
+ if ( ! is_user_logged_in() ) {
+ return false;
+ }
+
+ // 2fa is not forced for current user, nothing to show.
+ if ( ! self::is_two_factor_forced( $user_id ) ) {
+ return false;
+ }
+
+ // The current user is already using two-factor, good for them!
+ if ( Two_Factor_Core::is_user_using_two_factor() ) {
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Generates the html for adding 2-factor authentication to their account, if forced.
+ *
+ * If a user hits this screen, they must setup 2fa and do not get to skip.
+ *
+ * @since 0.1-dev
+ */
+ public static function force_2fa_login_html() {
+ wp_enqueue_script( 'jquery' );
+ wp_enqueue_script( 'two-factor-form-script' );
+
+ // If Fido is a valid 2fa Provider, enqueue its assets.
+ $providers = Two_Factor_Core::get_providers();
+ if ( in_array( 'Two_Factor_FIDO_U2F', array_keys( $providers ), true ) ) {
+ Two_Factor_FIDO_U2F_Admin::enqueue_assets( 'profile.php' );
+ wp_enqueue_style( 'common' );
+ wp_enqueue_style( 'list-tables' );
+ }
+
+ if ( isset( $providers[ 'Two_Factor_Totp' ] ) ) {
+ $providers[ 'Two_Factor_Totp' ]->enqueue_assets( 'profile.php' );
+ }
+
+ if ( ! function_exists( 'login_header' ) ) {
+ // We really should migrate login_header() out of `wp-login.php` so it can be called from an includes file.
+ include_once( TWO_FACTOR_DIR . 'includes/function.login-header.php' );
+ }
+
+ login_header();
+
+ $user = wp_get_current_user();
+
+ // Display the form for updating a user's two-factor options.
+ ?>
+
+
+
+ + + + + + + + + + + |
|---|