Skip to content

#906: add early notice for soon exhausting recovery codes #907

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
masteradhoc wants to merge 1 commit into
base: master
Choose a base branch
from
+71 −21
Open

#906: add early notice for soon exhausting recovery codes #907

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
92 changes: 71 additions & 21 deletions providers/class-two-factor-backup-codes.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,14 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
*/
const NUMBER_OF_CODES = 10;

/**
* The default number of remaining codes at or below which the user is
* warned to regenerate, before they run out entirely.
*
* @type int
*/
const LOW_CODES_THRESHOLD = 2;

/**
* Class constructor.
*
Expand Down Expand Up @@ -97,7 +105,7 @@ public function register_rest_routes() {
}

/**
* Displays an admin notice when backup codes have run out.
* Displays an admin notice when backup codes have run out, or are running low.
*
* @since 0.1-dev
*
Expand All @@ -111,28 +119,70 @@ public function admin_notices() {
return;
}

// Return if we are not out of codes.
if ( $this->is_available_for_user( $user ) ) {
$count = self::codes_remaining_for_user( $user );
$regenerate_url = esc_url( get_edit_user_link( $user->ID ) . '#two-factor-backup-codes' );

// Out of codes: show an error and bail.
if ( 0 === $count ) {
?>
<div class="error">
<p>
<span>
<?php
echo wp_kses(
sprintf(
/* translators: %s: URL for code regeneration */
__( 'Two-Factor: You are out of recovery codes and need to <a href="%s">regenerate!</a>', 'two-factor' ),
$regenerate_url
),
array( 'a' => array( 'href' => true ) )
);
?>
</span>
</p>
</div>
<?php
return;
}
?>
<div class="error">
<p>
<span>
<?php
echo wp_kses(
sprintf(
/* translators: %s: URL for code regeneration */
__( 'Two-Factor: You are out of recovery codes and need to <a href="%s">regenerate!</a>', 'two-factor' ),
esc_url( get_edit_user_link( $user->ID ) . '#two-factor-backup-codes' )
),
array( 'a' => array( 'href' => true ) )
);
?>
</span>
</p>
</div>
<?php

/**
* Filters the number of remaining recovery codes at or below which the
* user is warned to regenerate, before they run out entirely.
*
* @since 0.17.0
*
* @param int $threshold Number of remaining codes that triggers the warning. Default 2.
* @param WP_User $user User object.
*/
$threshold = (int) apply_filters( 'two_factor_backup_codes_low_threshold', self::LOW_CODES_THRESHOLD, $user );

// Running low: warn the user before they hit zero.
if ( $count <= $threshold ) {
?>
<div class="notice notice-warning">
<p>
<span>
<?php
echo wp_kses(
sprintf(
/* translators: 1: number of recovery codes remaining, 2: URL for code regeneration */
_n(
'Two-Factor: You only have %1$s recovery code left. <a href="%2$s">Regenerate your codes</a> now before you run out.',
'Two-Factor: You only have %1$s recovery codes left. <a href="%2$s">Regenerate your codes</a> now before you run out.',
$count,
'two-factor'
),
number_format_i18n( $count ),
$regenerate_url
),
array( 'a' => array( 'href' => true ) )
);
?>
</span>
</p>
</div>
<?php
}
}

/**
Expand Down
Loading