9 /** |
9 /** |
10 * Core class used to generate and validate keys used to enter Recovery Mode. |
10 * Core class used to generate and validate keys used to enter Recovery Mode. |
11 * |
11 * |
12 * @since 5.2.0 |
12 * @since 5.2.0 |
13 */ |
13 */ |
|
14 #[AllowDynamicProperties] |
14 final class WP_Recovery_Mode_Key_Service { |
15 final class WP_Recovery_Mode_Key_Service { |
15 |
16 |
16 /** |
17 /** |
17 * The option name used to store the keys. |
18 * The option name used to store the keys. |
18 * |
19 * |
35 /** |
36 /** |
36 * Creates a recovery mode key. |
37 * Creates a recovery mode key. |
37 * |
38 * |
38 * @since 5.2.0 |
39 * @since 5.2.0 |
39 * |
40 * |
40 * @global PasswordHash $wp_hasher |
41 * @global PasswordHash $wp_hasher Portable PHP password hashing framework instance. |
41 * |
42 * |
42 * @param string $token A token generated by {@see generate_recovery_mode_token()}. |
43 * @param string $token A token generated by {@see generate_recovery_mode_token()}. |
43 * @return string Recovery mode key. |
44 * @return string Recovery mode key. |
44 */ |
45 */ |
45 public function generate_and_store_recovery_mode_key( $token ) { |
46 public function generate_and_store_recovery_mode_key( $token ) { |
82 * |
83 * |
83 * Recovery mode keys can only be used once; the key will be consumed in the process. |
84 * Recovery mode keys can only be used once; the key will be consumed in the process. |
84 * |
85 * |
85 * @since 5.2.0 |
86 * @since 5.2.0 |
86 * |
87 * |
|
88 * @global PasswordHash $wp_hasher Portable PHP password hashing framework instance. |
|
89 * |
87 * @param string $token The token used when generating the given key. |
90 * @param string $token The token used when generating the given key. |
88 * @param string $key The unhashed key. |
91 * @param string $key The unhashed key. |
89 * @param int $ttl Time in seconds for the key to be valid for. |
92 * @param int $ttl Time in seconds for the key to be valid for. |
90 * @return true|WP_Error True on success, error object on failure. |
93 * @return true|WP_Error True on success, error object on failure. |
91 */ |
94 */ |
92 public function validate_recovery_mode_key( $token, $key, $ttl ) { |
95 public function validate_recovery_mode_key( $token, $key, $ttl ) { |
|
96 global $wp_hasher; |
93 |
97 |
94 $records = $this->get_keys(); |
98 $records = $this->get_keys(); |
95 |
99 |
96 if ( ! isset( $records[ $token ] ) ) { |
100 if ( ! isset( $records[ $token ] ) ) { |
97 return new WP_Error( 'token_not_found', __( 'Recovery Mode not initialized.' ) ); |
101 return new WP_Error( 'token_not_found', __( 'Recovery Mode not initialized.' ) ); |
103 |
107 |
104 if ( ! is_array( $record ) || ! isset( $record['hashed_key'], $record['created_at'] ) ) { |
108 if ( ! is_array( $record ) || ! isset( $record['hashed_key'], $record['created_at'] ) ) { |
105 return new WP_Error( 'invalid_recovery_key_format', __( 'Invalid recovery key format.' ) ); |
109 return new WP_Error( 'invalid_recovery_key_format', __( 'Invalid recovery key format.' ) ); |
106 } |
110 } |
107 |
111 |
108 if ( ! wp_check_password( $key, $record['hashed_key'] ) ) { |
112 if ( empty( $wp_hasher ) ) { |
|
113 require_once ABSPATH . WPINC . '/class-phpass.php'; |
|
114 $wp_hasher = new PasswordHash( 8, true ); |
|
115 } |
|
116 |
|
117 if ( ! $wp_hasher->CheckPassword( $key, $record['hashed_key'] ) ) { |
109 return new WP_Error( 'hash_mismatch', __( 'Invalid recovery key.' ) ); |
118 return new WP_Error( 'hash_mismatch', __( 'Invalid recovery key.' ) ); |
110 } |
119 } |
111 |
120 |
112 if ( time() > $record['created_at'] + $ttl ) { |
121 if ( time() > $record['created_at'] + $ttl ) { |
113 return new WP_Error( 'key_expired', __( 'Recovery key expired.' ) ); |
122 return new WP_Error( 'key_expired', __( 'Recovery key expired.' ) ); |
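Review bot: The hasher check at new lines 112–117 has no comment explaining why it goes to `$wp_hasher->CheckPassword()` instead of `wp_check_password()`, and the reason looks security-relevant. `wp_check_password()` is pluggable and its result passes through the `check_password` filter, so if the intent is to keep recovery-key validation out of reach of those hooks, say so above the guard, e.g. `// Verify with the hasher directly; wp_check_password() is pluggable and filterable.` The guard only tests `empty( $wp_hasher )`, so any non-empty global set by earlier-loaded code is used as-is, and the fallback instance is written back to the global. The hashing side in `generate_and_store_recovery_mode_key()` is outside the visible hunks and should be confirmed to use the same hasher. The body of `validate_recovery_mode_key()` continues past the last visible line.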