Server IP : 104.21.14.48 / Your IP : 3.144.45.234 [ Web Server : Apache System : Linux b70eb322-3aee-0c53-7c82-0db91281f2c6.secureserver.net 6.1.90-1.el9.elrepo.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 2 12:09:22 EDT 2024 x86_64 User : root ( 0) PHP Version : 8.0.30.2 Disable Function : NONE Domains : 0 Domains MySQL : ON | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /var/www/wp-content/mu-plugins/vendor/wpsec/wp-2fa-plugin/src/utils/ |
Upload File : |
<?php namespace Wpsec\twofa\utils; /** * Nonce helper. * * @package Wpsec * @subpackage Wpsec/utils */ class NonceUtils { const USER_META_NONCE_KEY = 'wpsec_wp_2fa_nonce'; /** * Create the login nonce. * * @since 1.0.0 * * @param int $user_id User ID. * @return array|bool */ public static function create_login_nonce( $user_id ) { $login_nonce = array(); try { $login_nonce['key'] = bin2hex( random_bytes( 32 ) ); } catch ( \Exception $ex ) { $login_nonce['key'] = wp_hash( $user_id . mt_rand() . microtime(), 'nonce' ); } $login_nonce['expiration'] = time() + HOUR_IN_SECONDS; if ( ! update_user_meta( $user_id, self::USER_META_NONCE_KEY, $login_nonce ) ) { return false; } return $login_nonce; } /** * Verify the login nonce. * * @since 0.1-dev * * @param int $user_id User ID. * @param string $nonce Login nonce. * @return bool */ public static function verify_login_nonce( $user_id, $nonce ) { $login_nonce = get_user_meta( $user_id, self::USER_META_NONCE_KEY, true ); if ( ! $login_nonce ) { return false; } if ( $nonce !== $login_nonce['key'] || time() > $login_nonce['expiration'] ) { self::delete_login_nonce( $user_id ); return false; } return true; } /** * Delete the login nonce. * * @since 1.0.0 * * @param int $user_id User ID. * @return bool */ public static function delete_login_nonce( $user_id ) { return delete_user_meta( $user_id, self::USER_META_NONCE_KEY ); } }