The Wayback Machine - https://web.archive.org/web/20230622082432/https://github.com/WordPress/two-factor
Skip to content

WordPress/two-factor

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
15 branches 22 tags
Code

Latest commit

@dd32
dd32 Require a nonce be present for revalidate POST requests. (#575)
f21ed3c Jun 1, 2023
Require a nonce be present for revalidate POST requests. (#575)
f21ed3c

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github
Fix typo
March 29, 2023 11:09
assets
Added New Image (#310)
December 26, 2019 21:47
includes
Sync with WP 5.8
September 7, 2021 09:55
providers
Revalidate two factor settings prior to allowing any two-factor chang…
May 11, 2023 16:47
tests
Require a nonce be present for revalidate POST requests. (#575)
June 1, 2023 14:55
.coveralls.yml
PHPCS code style fixes (#340)
June 16, 2020 18:09
.distignore
Update .distignore
March 20, 2023 13:14
.editorconfig
Tooling update (#277)
April 12, 2019 20:40
.eslintrc.json
Move to GitHub actions (#436)
March 24, 2022 15:32
.gitignore
Tests: Delete redundant test, add missing one.
February 8, 2023 09:37
.nvmrc
Move to GitHub actions (#436)
March 24, 2022 15:32
.wp-env.json
Move to GitHub actions (#436)
March 24, 2022 15:32
Gruntfile.js
TOTP: Require qrcode-generator
November 8, 2022 13:35
LICENSE.md
Create LICENSE.md (#313)
January 9, 2020 00:59
SECURITY.md
Add information about where to submit security bugs.
March 16, 2023 15:48
class-two-factor-compat.php
Use long array syntax
May 15, 2022 20:03
class-two-factor-core.php
Require a nonce be present for revalidate POST requests. (#575)
June 1, 2023 14:55
composer.json
Tests: Generate an HTML coverage report when running tests locally.
February 21, 2023 15:53
composer.lock
Bump guzzlehttp/psr7 from 2.4.3 to 2.5.0 (#555)
April 28, 2023 15:47
docker-compose.yml
Basic local test support (#355)
June 10, 2020 13:25
package-lock.json
Bump webpack from 5.74.0 to 5.76.1
March 15, 2023 06:13
package.json
TOTP: Require qrcode-generator
November 8, 2022 13:35
phpcs.xml.dist
Move to GitHub actions (#436)
March 24, 2022 15:32
phpunit-watcher.yml.dist
Tests: Explicitly ignore directories for performance
October 14, 2022 07:16
phpunit.xml.dist
Tests: Generate an HTML coverage report when running tests locally.
February 21, 2023 15:53
readme.md
Tests: Generate an HTML coverage report when running tests locally.
February 21, 2023 15:53
readme.txt
Bump tested up to version (#552)
April 12, 2023 15:36
two-factor.php
Release 0.8.1 (#550)
March 27, 2023 09:23
user-edit.css
Ensure the styles don't leak
October 7, 2022 13:04
Two-Factor Usage Contribute Testing Running tests in Docker Running tests locally Deployments Known Issues Credits Security

readme.md

Two-Factor

Test Deploy

Two-Factor plugin for WordPress. View on WordPress.org →

Usage

See the readme.txt for installation and usage instructions.

Contribute

Please report (non-security) issues and open pull requests on GitHub. See below for information on reporting potential security/privacy vulnerabilities.

Join the #core-passwords channel on WordPress Slack (sign up here).

To use the provided development environment, you'll first need to install and launch Docker. Once it's running, the next steps are:

$ git clone https://github.com/wordpress/two-factor.git
$ cd two-factor
$ composer install
$ npm install
$ npm run build
$ npm run env start

See package.json for other available scripts you might want to use during development, like linting and testing.

When you're ready, open a pull request with the suggested changes.

Testing

Running tests in Docker

  1. Run npm run env start
  2. Run npm run test or npm run test:watch.

Running tests locally

  1. Create a MySQL database for the tests. Don't reuse an existing database, because all of the data will be deleted every time the tests are run.
  2. Add the following to your ~/.bashrc, with the values for the database you created above: 
    export WORDPRESS_DB_NAME=wp_tests
export WORDPRESS_DB_USER=wp_tests
export WORDPRESS_DB_PASSWORD=wp_tests
  3. source ~/.bashrc
  4. Run composer run test or composer run test:watch.

To view the code coverage report, you can open a web browser, go to File > Open file..., and then select {path to two-factor}/tests/logs/html/index.html.

Deployments

Deployments to WP.org plugin repository are handled automatically by the GitHub action .github/workflows/deploy.yml. All merges to the master branch are commited to the trunk directory while all Git tags are pushed as versioned releases under the tags directory.

Known Issues

  • PHP codebase doesn't pass the WordPress coding standard checks, see #437.

Credits

Created by contributors and released under GPLv2 or later.

Security

Please privately report any potential security issues to the WordPress HackerOne program.

About

Two-Factor Authentication for WordPress.

wordpress.org/plugins/two-factor/

Topics

wordpress wordpress-plugin authentication totp 2fa

Resources

Readme

License

GPL-2.0 license

Security policy

Security policy

Stars

639 stars

Watchers

47 watching

Forks

151 forks
Report repository

Releases 22

Version 0.8.1 Latest
Mar 27, 2023
+ 21 releases

Contributors 56

+ 45 contributors

Languages