Plugin is not working with custom login page
-
Is it possible to make code request form in a separate page or the new page?
I’m using Elementor widget for authorisation (wp-login.php is redirected to /login/ Elementor page) and I’m experiencing problems with it
Viewing 3 replies - 1 through 3 (of 3 total)
-
Patch:
Index: trunk/google-authenticator.php =================================================================== --- trunk/google-authenticator.php (revision 2866575) +++ trunk/google-authenticator.php (working copy) @@ -173,7 +173,7 @@ * Create a new random secret for the Google Authenticator app. * 16 characters, randomly chosen from the allowed Base32 characters * equals 10 bytes = 80 bits, as 256^10 = 32^16 = 2^80 - */ + */ function create_secret() { $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'; // allowed characters in Base32 $secret = ''; @@ -585,10 +585,10 @@ // Get the users secret $GA_secret = trim( get_user_option( 'googleauthenticator_secret', $user->ID ) ); - + // Figure out if user is using relaxed mode ? $GA_relaxedmode = trim( get_user_option( 'googleauthenticator_relaxedmode', $user->ID ) ); - + // Get the verification code entered by the user trying to login if ( !empty( $_POST['googleotp'] )) { // Prevent PHP notices when using app password login $otp = trim( $_POST[ 'googleotp' ] ); @@ -616,13 +616,17 @@ } else { // Wrong XMLRPC/APP password ! return new WP_Error( 'invalid_google_authenticator_password', __( '<strong>ERROR</strong>: The Google Authenticator password is incorrect.', 'google-authenticator' ) ); - } + } } else { if ( ! $this->is_two_screen_signin_enabled() ) { return new WP_Error( 'invalid_google_authenticator_token', __( '<strong>ERROR</strong>: The Google Authenticator code is incorrect or has expired.', 'google-authenticator' ) ); } else { wp_logout(); - $this->secondary_login_screen(); + if( ! function_exists( 'login_header' )) { + $this->redirect_to_secondary_login_screen( $username, $password ); + } else { + $this->secondary_login_screen(); + } exit; } } @@ -633,6 +637,34 @@ return $userstate; } +/* + * Redirect to wordpress login. + * https://stackoverflow.com/a/5576700 + */ +function redirect_to_secondary_login_screen( $username, $password ) { + + $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : admin_url(); + ?> + <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post"> + <input type="hidden" name="log" value="<?php echo esc_attr( $username ); ?>" /> + <input type="hidden" name="pwd" value="<?php echo esc_attr( $password ); ?>" /> + <?php if ( array_key_exists( 'rememberme', $_REQUEST ) && 'forever' === $_REQUEST[ 'rememberme']): ?> + <input name="rememberme" type="hidden" id="rememberme" value="forever" /> + <?php endif; ?> + <p><?php esc_html_e( 'Redirecting to Google Authenticator login.', 'google-authenticator' ); ?></p> + <p class="submit"> + <input type="hidden" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e('Log In'); ?>" /> + <input type="hidden" name="redirect_to" value="<?php echo esc_attr($redirect_to); ?>" /> + <input type="hidden" name="testcookie" value="1" /> + </p> + </form> + + <script type="text/javascript"> + document.getElementById('loginform').submit(); + </script> + <?php +} + function secondary_login_screen() { $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : admin_url(); login_header( esc_html__('Secondary Login Screen', 'google-authenticator' ) ); @@ -686,7 +718,7 @@ // If editing of Google Authenticator settings has been disabled, just return $GA_hidefromuser = trim( get_user_option( 'googleauthenticator_hidefromuser', $user_id ) ); if ( $GA_hidefromuser == 'enabled') return; - + $GA_secret = trim( get_user_option( 'googleauthenticator_secret', $user_id ) ); $GA_enabled = trim( get_user_option( 'googleauthenticator_enabled', $user_id ) ); $GA_relaxedmode = trim( get_user_option( 'googleauthenticator_relaxedmode', $user_id ) ); @@ -693,7 +725,7 @@ $GA_description = trim( get_user_option( 'googleauthenticator_description', $user_id ) ); $GA_pwdenabled = trim( get_user_option( 'googleauthenticator_pwdenabled', $user_id ) ); $GA_password = trim( get_user_option( 'googleauthenticator_passwords', $user_id ) ); - + // We dont store the generated app password in cleartext so there is no point in trying // to show the user anything except from the fact that a password exists. if ( $GA_password != '' ) { @@ -704,7 +736,7 @@ if ( '' == $GA_secret ) { $GA_secret = array_key_exists( 'GA_secret', $_REQUEST ) ? sanitize_text_field( $_REQUEST[ 'GA_secret' ] ) : $this->create_secret(); } - + if ( '' == $GA_description ) { // Super admins and users with accounts on more than one site get the network name as the helpful name, // everyone else gets the site that they're on @@ -714,7 +746,7 @@ $GA_description = sanitize_text_field( get_bloginfo( 'name' ) ); } } - + echo "<h3>".__( 'Google Authenticator Settings', 'google-authenticator' )."</h3>\n"; echo "<table class=\"form-table\">\n"; @@ -818,7 +850,7 @@ var qrcode="otpauth://totp/WordPress:"+escape(jQuery('#GA_description').val())+"?secret="+jQuery('#GA_secret').val()+"&issuer=WordPress"; jQuery('#GA_QRCODE').qrcode(qrcode); jQuery('#GA_QR_INFO').show('slow'); - }); + }); }); // If the user starts modifying the description, hide the qrcode @@ -839,9 +871,9 @@ jQuery.post(ajaxurl, data, function(response) { jQuery('#GA_password').val(response['new-secret'].match(new RegExp(".{0,4}","g")).join(' ')); jQuery('#GA_passworddesc').show(); - }); + }); }); - + jQuery('#GA_enabled').bind('change',function() { GoogleAuthenticator_apppasswordcontrol(); }); @@ -850,7 +882,7 @@ jQuery('#GA_passworddesc').hide(); GoogleAuthenticator_apppasswordcontrol(); }); - + function GoogleAuthenticator_apppasswordcontrol() { if (jQuery('#GA_enabled').is(':checked')) { jQuery('#GA_pwdenabled').removeAttr('disabled'); @@ -893,7 +925,7 @@ $GA_secret = trim( $_POST['GA_secret'] ); $GA_pwdenabled = ! empty( $_POST['GA_pwdenabled'] ); $GA_password = str_replace(' ', '', trim( $_POST['GA_password'] ) ); - + if ( ! $GA_enabled ) { $GA_enabled = 'disabled'; } else { @@ -912,7 +944,7 @@ } else { $GA_pwdenabled = 'enabled'; } - + // Only store password if a new one has been generated. if (strtoupper($GA_password) != 'XXXXXXXXXXXXXXXX' ) { // Store the password in a format that can be expanded easily later on if needed. @@ -919,7 +951,7 @@ $GA_password = array( 'appname' => 'Default', 'password' => wp_hash_password( $GA_password ) ); update_user_option( $user_id, 'googleauthenticator_passwords', json_encode( $GA_password ), true ); } - + update_user_option( $user_id, 'googleauthenticator_enabled', $GA_enabled, true ); update_user_option( $user_id, 'googleauthenticator_description', $GA_description, true ); update_user_option( $user_id, 'googleauthenticator_relaxedmode', $GA_relaxedmode, true ); @@ -963,7 +995,7 @@ */ function edit_user_profile_update() { global $user_id; - + $GA_enabled = ! empty( $_POST['GA_enabled'] ); $GA_hidefromuser = ! empty( $_POST['GA_hidefromuser'] ); @@ -993,7 +1025,7 @@ // Some AJAX security. check_ajax_referer( 'GoogleAuthenticatoraction', 'nonce' ); - + // Create new secret. $secret = $this->create_secret(); @@ -1002,7 +1034,7 @@ echo json_encode( $result ); // die() is required to return a proper result - die(); + die(); } } // end class
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘Plugin is not working with custom login page’ is closed to new replies.
