Set a cookie when a session is validated.
dd32 committed Oct 8, 2024
1 parent 6f947ae commit f9b1c47
Showing 1 changed file with 39 additions and 0 deletions.
39 changes: 39 additions & 0 deletions revalidation/index.php
@@ -2,6 +2,8 @@
namespace WordPressdotorg\Two_Factor;
use Two_Factor_Core;

const COOKIE_NAME = 'wporg_2fa_validation';

defined( 'WPINC' ) || die();

/**
@@ -79,3 +81,40 @@ function enqueue_assets() {
'status' => get_revalidation_status()
] );
}

add_action( 'two_factor_user_authenticated', __NAMESPACE__ . '\set_cookie' );
add_action( 'two_factor_user_revalidated', __NAMESPACE__ . '\set_cookie' );
function set_cookie() {
if ( ! apply_filters( 'send_auth_cookies', true, 0, 0, 0, '', '' ) ) {
return;
}

$status = get_revalidation_status();
$revalidation_expires_at = $status['expires_save'];
$last_validated = $status['last_validated'];

/*
* Set a cookie to let JS know when the user was last validated.
*
* The value is "wporg_2fa_validated=TIMESTAMP", where TIMESTAMP is the last time the user was validated.
* The cookie will expire a minute before the server would cease to accept the save action.
*/
setcookie(
COOKIE_NAME,
$last_validated,
$revalidation_expires_at - MINUTE_IN_SECONDS, // The cookie will cease to exist to JS at this time.
COOKIEPATH,
COOKIE_DOMAIN,
is_ssl(),
false // NOT HTTP only, this needs to be JS accessible.
);
}

add_action( 'clear_auth_cookie', __NAMESPACE__ . '\clear_cookie' );
function clear_cookie() {
if ( ! apply_filters( 'send_auth_cookies', true, 0, 0, 0, '', '' ) ) {
return;
}

setcookie( COOKIE_NAME, '', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), false );
}
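Review bot: `set_cookie()` reads `$status['expires_save']` and `$status['last_validated']` without checking that `get_revalidation_status()` actually returned them. That function is outside this diff, so this needs confirming, but if either key is missing or empty (for example on `two_factor_user_authenticated`, should the new session not be resolvable yet in the same request), the expiry becomes `null - MINUTE_IN_SECONDS` and the header is sent with an empty value and a past expiry. A guard before the `setcookie()` call would make that case explicit: `if ( empty( $status['expires_save'] ) || empty( $status['last_validated'] ) ) { return; }`. Because the cookie is deliberately not HttpOnly, it is readable and writable by any script on the page, so the block comment should state that it is a UI hint only and that the save action must keep enforcing revalidation from the server-side session. That same comment names the cookie `wporg_2fa_validated` while `COOKIE_NAME` is `wporg_2fa_validation`, so one of the two should be corrected.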
