
Commit 3f25791

committed
CHANGES:
ADDED remote login functionality to background redirect back to client server
1 parent c9d8ac6 commit 3f25791


1 file changed

+69
-10
lines changed

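--- a/sso-rest-auth-client.php
+++ b/sso-rest-auth-client.php
@@ -34,6 +34,10 @@ public function __construct()
 wp_die('Environmental Var KONTO_SERVER is not defined');
 }
 add_filter('authenticate', array($this, 'check_credentials'), 999, 3);
+add_action('login_head', array($this, 'login_through_token'));
+add_action('wp_logout', array($this, 'remote_logout'));
+add_action('wp_head', array($this, 'remote_login'));
+add_action('admin_head', array($this, 'remote_login'));
 add_action('admin_menu', array($this, 'add_invite_user_user_page'), 999);
 add_action('user_new_form_tag', array($this, 'redir_new_user'), 999);
 add_action('wp_ajax_search_user', 'ajax_search_user');
@@ -61,7 +65,7 @@ public function create_failed_login_log_table()
 `hash` char(32) NOT NULL DEFAULT '' ,
 `last_login` bigint(20) NULL ,
 `ip` varchar(30) NULL DEFAULT '' ,
-`username` varchar(30) NULL DEFAULT '' ,
+`username` varchar(36) NULL DEFAULT '' ,
 INDEX (`hash`)
 ) $charset_collate;";
 
@@ -88,20 +92,15 @@ public function check_login_attempts($username)
 $hash = md5($username . $ip);
 global $wpdb;
 $versuche = $wpdb->get_var("SELECT count(*) FROM {$wpdb->prefix}failed_login_log WHERE hash = '{$hash}' and last_login > UNIX_TIMESTAMP()-(60*20)");
-
-BugFu::log($versuche);
-
 if (intval($versuche) > 3) {
 $lastlogin = $wpdb->get_var("SELECT last_login FROM {$wpdb->prefix}failed_login_log WHERE hash = '{$hash}' ORDER BY last_login DESC LIMIT 1");
 $lastlogin -= time() - 1200;
 $lastlogin = intval($lastlogin / 60);
 
 return new WP_Error('max_invalid_logins', sprintf(__("The maximum amount of login attempts has been reached please wait %d minutes", 'rw-sso-client'), $lastlogin));
-}elseif ( 5 < $wpdb->get_var("SELECT count(*) FROM {$wpdb->prefix}failed_login_log WHERE ip = '$ip' and last_login > UNIX_TIMESTAMP()-(60*20)"))
-{
+} elseif (5 < $wpdb->get_var("SELECT count(*) FROM {$wpdb->prefix}failed_login_log WHERE ip = '$ip' and last_login > UNIX_TIMESTAMP()-(60*20)")) {
 return new WP_Error('max_invalid_logins', __("The maximum amount of login attempts has been reached!", 'rw-sso-client'));
-}
-else {
+} else {
 return true;
 }
 }
@@ -144,6 +143,64 @@ public function add_failed_login_attempt($username)
 
 }
 
+public function remote_logout(){
+wp_redirect(KONTO_SERVER.'/wp-login.php?action=logout&redirect_to='.home_url());
+die();
+}
+public function remote_login(){
+$login_token = get_user_meta(get_current_user_id(),'rw_sso_login_token',true);
+if (!empty($login_token))
+{
+?>
+<script src="<?php echo KONTO_SERVER . '?login_token='. $login_token ?>">
+</script>
+<?php
+delete_user_meta(get_current_user_id(), 'rw_sso_login_token');
+}
+}
+
+public function login_through_token()
+{
+if (is_user_logged_in()) {
+return;
+}
+if(isset($_GET['rw_sso_login_token'])) {
+$login_token = $_GET['rw_sso_login_token'];
+$url = KONTO_SERVER . '/wp-json/sso/v1/check_login_token';
+$response = wp_remote_post($url, array(
+'method' => 'POST',
+'body' => array(
+'login_token' => $login_token,
+)));
+$response = json_decode(wp_remote_retrieve_body($response));
+var_dump($response);
+if (!is_wp_error($response)) {
+if (isset($response->success)) {
+if ($response->success) {
+$user = get_user_by('login', $response->user_login);
+wp_set_current_user($user->ID);
+wp_set_auth_cookie($user->ID);
+$redirect_to = home_url();
+wp_safe_redirect($redirect_to);
+exit();
+}
+}
+}
+die();
+} else {
+?>
+<script src="<?php echo KONTO_SERVER . '?action=check_token' ?>">
+</script>
+<script>
+if (rw_sso_login_token) {
+location.href = '?rw_sso_login_token=' + rw_sso_login_token + '&redirect='+ encodeURI(location.href);
+}
+</script>
+<?php
+
+}
+}
+
 
 public function check_credentials($user, $username, $password)
 {
@@ -167,11 +224,13 @@ public function check_credentials($user, $username, $password)
 if (isset($response->success)) {
 if ($response->success) {
 if ($user = get_user_by('login', $username)) {
+update_user_meta($user->ID,'rw_sso_login_token',$response->profile->login_token);
 if (is_multisite() && !is_user_member_of_blog($user->ID, get_current_blog_id())) {
 add_user_to_blog(get_current_blog_id(), $user->ID, get_option('default_role'));
 }
 return $user;
 } elseif ($user = get_user_by('email', $username)) {
+update_user_meta($user->ID,'rw_sso_login_token',$response->profile->login_token);
 if (is_multisite() && !is_user_member_of_blog($user->ID, get_current_blog_id())) {
 add_user_to_blog(get_current_blog_id(), $user->ID, get_option('default_role'));
 }
@@ -185,13 +244,15 @@ public function check_credentials($user, $username, $password)
 'display_name' => $response->profile->display_name,
 'user_email' => $response->profile->user_email
 ));
+update_user_meta($user_id,'rw_sso_login_token',$response->profile->login_token);
 if (is_wp_error($user_id)) {
 return $user_id;
 } else {
 return get_user_by('id', $user_id);
 
 }
 }
+
 } else {
 $this->add_failed_login_attempt($username);
 
@@ -204,8 +265,6 @@ public function check_credentials($user, $username, $password)
 return $response;
 }
 } else {
-
-BugFu::log($attempts);
 return $attempts;
 }
 } else {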
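Review bot: In `login_through_token` the `is_wp_error($response)` test is applied only after `$response` has already been overwritten with the `json_decode(...)` result, so a failed `wp_remote_post` is never detected and the code continues with whatever the decode of an empty body yields. The `var_dump($response)` left just above that check prints the decoded server reply, including `user_login`, into the login page markup and should not ship. `get_user_by('login', $response->user_login)` returns `false` for an unknown login, yet `$user->ID` is read unconditionally before `wp_set_current_user` / `wp_set_auth_cookie`, so the false case needs a guard. The token also travels in the query string (`?rw_sso_login_token=`) and in the `<script src>` emitted by `remote_login`, where it lands in server logs, browser history and Referer headers; the same concern applies to the `update_user_meta` lines that persist `login_token` in `check_credentials`. The enclosing class begins before the first hunk; the rewritten middle of `login_through_token` would look like the excerpt below.
```php
$response = wp_remote_post($url, array(
'method' => 'POST',
'body' => array(
'login_token' => $login_token,
)));
// Check the transport result before the body is decoded over the same variable.
if (!is_wp_error($response)) {
$body = json_decode(wp_remote_retrieve_body($response));
// get_user_by() returns false for an unknown login; never touch ->ID on false.
$user = !empty($body->success) ? get_user_by('login', $body->user_login) : false;
if ($user) {
wp_set_current_user($user->ID);
wp_set_auth_cookie($user->ID);
wp_safe_redirect(home_url());
exit();
}
}
die();
// … unchanged: else-branch emitting the check_token script …
```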
