Upload files to "/"
All checks were successful
Build, Push, Publish / Build & Release (push) Successful in 24s
All checks were successful
Build, Push, Publish / Build & Release (push) Successful in 24s
This commit is contained in:
125
plugin.php
125
plugin.php
@@ -2,8 +2,8 @@
|
||||
/*
|
||||
Plugin Name: ICC Webmaster Settings
|
||||
Plugin URI: https://git.icc.gg/ivancarlos/yourlsiccwebmastersettings
|
||||
Description: Customize Logo, Title, Footer, CSS & Favicons. Add reCAPTCHA v3, HTTP Redirect, 301/302 Redirects, Dash/Underscore, Force Lowercase & Remove Share features
|
||||
Version: 2.3
|
||||
Description: Customize logo, title, footer, CSS, favicons, add 2FA & reCAPTCHA, HTTP, 301/302 redirects, allow dash/underscore, force lowercase, remove share buttons.
|
||||
Version: 3.0
|
||||
Author: Ivan Carlos
|
||||
Author URI: https://ivancarlos.com.br/
|
||||
*/
|
||||
@@ -15,6 +15,9 @@ if (!defined('YOURLS_ABSPATH'))
|
||||
// Default redirect delay in seconds (used when option unset)
|
||||
define('ICC_MRDR_DEFAULT_DELAY', 1);
|
||||
|
||||
// Load 2FA library
|
||||
require_once 'authenticator.php';
|
||||
|
||||
// Register unified config page
|
||||
yourls_add_action('plugins_loaded', 'icc_config_add_page');
|
||||
function icc_config_add_page()
|
||||
@@ -96,6 +99,67 @@ function icc_config_do_page()
|
||||
$icc_force_lowercase_enabled = yourls_get_option('icc_force_lowercase_enabled');
|
||||
$force_lowercase_checked = $icc_force_lowercase_enabled ? 'checked' : '';
|
||||
|
||||
// 2FA options
|
||||
$icc_2fa_tokens = json_decode(yourls_get_option('icc_2fa_tokens', '{}'), true);
|
||||
$user_2fa = isset($icc_2fa_tokens[YOURLS_USER]) ? $icc_2fa_tokens[YOURLS_USER] : ['active' => false, 'secret' => '', 'type' => ''];
|
||||
$is_2fa_active = $user_2fa['active'];
|
||||
|
||||
// Handle 2FA Actions
|
||||
$twofa_message = '';
|
||||
if (isset($_POST['icc_2fa_activate'])) {
|
||||
$ga = new PHPGangsta_GoogleAuthenticator();
|
||||
$secret = $ga->createSecret();
|
||||
$icc_2fa_tokens[YOURLS_USER] = [
|
||||
'active' => false,
|
||||
'secret' => $secret,
|
||||
'type' => 'otp'
|
||||
];
|
||||
yourls_update_option('icc_2fa_tokens', json_encode($icc_2fa_tokens));
|
||||
$user_2fa = $icc_2fa_tokens[YOURLS_USER];
|
||||
} elseif (isset($_POST['icc_2fa_verify'])) {
|
||||
$token = isset($_POST['icc_2fa_token']) ? trim($_POST['icc_2fa_token']) : '';
|
||||
$ga = new PHPGangsta_GoogleAuthenticator();
|
||||
if ($ga->verifyCode($user_2fa['secret'], $token, 2)) {
|
||||
$icc_2fa_tokens[YOURLS_USER]['active'] = true;
|
||||
yourls_update_option('icc_2fa_tokens', json_encode($icc_2fa_tokens));
|
||||
$is_2fa_active = true;
|
||||
$twofa_message = '<p style="color:green;">2FA Activated successfully!</p>';
|
||||
} else {
|
||||
$twofa_message = '<p style="color:red;">Invalid token. Please try again.</p>';
|
||||
}
|
||||
} elseif (isset($_POST['icc_2fa_deactivate'])) {
|
||||
$icc_2fa_tokens[YOURLS_USER]['active'] = false;
|
||||
$icc_2fa_tokens[YOURLS_USER]['secret'] = '';
|
||||
yourls_update_option('icc_2fa_tokens', json_encode($icc_2fa_tokens));
|
||||
$is_2fa_active = false;
|
||||
$twofa_message = '<p style="color:blue;">2FA Deactivated.</p>';
|
||||
}
|
||||
|
||||
$twofa_html = '';
|
||||
if ($is_2fa_active) {
|
||||
$twofa_html = '<p>2FA is currently <strong>enabled</strong>.</p>
|
||||
<form method="post">
|
||||
<input type="submit" name="icc_2fa_deactivate" value="Deactivate 2FA" class="button" />
|
||||
</form>';
|
||||
} else {
|
||||
if (isset($_POST['icc_2fa_activate']) || (isset($_POST['icc_2fa_verify']) && !$is_2fa_active)) {
|
||||
$ga = new PHPGangsta_GoogleAuthenticator();
|
||||
$qrCodeUrl = $ga->getQRCodeGoogleUrl('YOURLS (' . YOURLS_USER . ')', $user_2fa['secret']);
|
||||
$twofa_html = '<p>1. Scan this QR code with your Authenticator app (Google Authenticator, Authy, etc.):</p>
|
||||
<p><img src="' . $qrCodeUrl . '" style="border:1px solid #ccc;" /></p>
|
||||
<p>2. Enter the 6-digit code from the app to verify:</p>
|
||||
<form method="post">
|
||||
<input type="text" name="icc_2fa_token" size="6" maxlength="6" autocomplete="off" />
|
||||
<input type="submit" name="icc_2fa_verify" value="Verify and Activate" class="button" />
|
||||
</form>';
|
||||
} else {
|
||||
$twofa_html = '<p>2FA is currently <strong>disabled</strong>.</p>
|
||||
<form method="post">
|
||||
<input type="submit" name="icc_2fa_activate" value="Setup 2FA" class="button" />
|
||||
</form>';
|
||||
}
|
||||
}
|
||||
|
||||
echo <<<HTML
|
||||
<h2>Webmaster Settings</h2>
|
||||
<form method="post">
|
||||
@@ -176,10 +240,14 @@ function icc_config_do_page()
|
||||
|
||||
<p><input type="submit" name="icc_submit" value="Update values" /></p>
|
||||
</form>
|
||||
|
||||
<hr style="margin-top: 40px" />
|
||||
<h3>2FA (Two-Factor Authentication)</h3>
|
||||
{$twofa_message}
|
||||
{$twofa_html}
|
||||
<hr style="margin-top: 40px" />
|
||||
<p><strong><a href="https://ivancarlos.me/" target="_blank">Ivan Carlos</a></strong> »
|
||||
<a href="https://buymeacoffee.com/ivancarlos" target="_blank">Buy Me a Coffee</a> »
|
||||
<a href="https://patreon.com/ivancarlos" target="_blank">Patreon</a></p>
|
||||
<a href="https://buymeacoffee.com/ivancarlos" target="_blank">Buy Me a Coffee</a></p>
|
||||
HTML;
|
||||
}
|
||||
|
||||
@@ -515,3 +583,52 @@ function icc_shunt_share_box($shunt)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
// 2FA Support Logic
|
||||
|
||||
// Add 2FA input to the login form
|
||||
yourls_add_action('login_form_bottom', 'icc_2fa_add_input');
|
||||
function icc_2fa_add_input()
|
||||
{
|
||||
echo '<p>
|
||||
<label for="icc_2fa_otp">' . yourls__('2FA Token') . '</label><br />
|
||||
<input type="text" id="icc_2fa_otp" name="icc_2fa_otp" placeholder="' . yourls__('Leave empty if not enabled') . '" size="30" class="text" wautocomplete="off" />
|
||||
</p>';
|
||||
}
|
||||
|
||||
// Attach 2FA validate function
|
||||
yourls_add_filter('is_valid_user', 'icc_2fa_validate');
|
||||
function icc_2fa_validate($is_valid)
|
||||
{
|
||||
// If user failed to properly authenticate, return
|
||||
if (!$is_valid) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// If cookies are set, we are already logged in OR if this is an API request, skip 2fa
|
||||
if (isset($_COOKIE[yourls_cookie_name()]) || yourls_is_API()) {
|
||||
return $is_valid;
|
||||
}
|
||||
|
||||
$icc_2fa_tokens = json_decode(yourls_get_option('icc_2fa_tokens', '{}'), true);
|
||||
|
||||
if (!isset($icc_2fa_tokens[YOURLS_USER]) || !$icc_2fa_tokens[YOURLS_USER]['active']) {
|
||||
// User has not enabled 2fa
|
||||
return $is_valid;
|
||||
}
|
||||
|
||||
// User has enabled 2FA
|
||||
if ($icc_2fa_tokens[YOURLS_USER]['type'] == 'otp') {
|
||||
$token = isset($_REQUEST['icc_2fa_otp']) ? trim($_REQUEST['icc_2fa_otp']) : '';
|
||||
if (empty($token)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$ga = new PHPGangsta_GoogleAuthenticator();
|
||||
if ($ga->verifyCode($icc_2fa_tokens[YOURLS_USER]['secret'], $token, 2)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user