WordPress.org
Get WordPress

Plugin Directory

Changeset 2276253


Ignore:
Timestamp:
04/05/2020 08:10:49 AM (6 years ago)
Author:
marcofrl1
Message:

Added security options

Location:
jwt-ssolo
Files:
4 added
2 edited

Legend:

Unmodified
Added
Removed

  • jwt-ssolo/trunk/Readme.txt

    r2269015 r2276253  
    44Tags: login, dgpr, authentication, secure login, jwt, token
    55Requires at least: 4.6
    6 Tested up to: 5.3.2
    7 Stable tag: 1.5
     6Tested up to: 5.4
     7Stable tag: 1.5.2
    88Requires PHP: 5.2.4
    99License: GPLv2 or later
     
    24241. Register your wordpress site on https://auth.ssolo.co.uk
    25252. download plugin and install it on WordPress from Plugin section
    26 3. go to the admin dashboard, you can see the item menu Get AUTH config, click on it and insert the AUTH credential received after site registration
    27 4. You receive a servercode, you can use this code to register your users on AUTH server with the URL https://auth.ssolo.co.uk/reguser.php?servercode=yourservercode
     263. go to the admin dashboard, you can see the item menu JWT getconfig, click on it and insert the AUTH credential received after site registration
     274. You receive a servercode, you can use this code to register your users on AUTH server with the URL https://auth.ssolo.co.uk/auth/reguser.php?servercode=yourservercode
    28285 All done your WordPress now use a login secure server GDPR compliant.
    2929
     
    6565== Changelog ==
    6666
     67= 1.5.2 =
     68* Add security check on caller hosts
     69
    6770= 1.5 =
    6871* Implementation of JWT fase 2

  • jwt-ssolo/trunk/jwtlogin.php

    r2268950 r2276253  
    33/*
    44 Plugin Name: JWT SSOLO plugin
    5  Version: 1.5
     5 Version: 1.5.2
    66 Description: AUth2 authentication
    77 Author: SSOLO ltd
     
    1919
    2020function jwtl_checkTheUserAuthentication() {
    21     #include "wpssoloauth-lib.php";
    22     #if(!function_exists('wp_get_current_user')) {
    23     #    include(ABSPATH . "wp-includes/pluggable.php");
    24     #}
     21 
     22   
     23   
    2524    include(ABSPATH . "wp-includes/pluggable.php");
    26  
     25    if (isset($_POST['log']) and !isset($_COOKIE[$user_id]) and !is_admin()) {
    2726    $username=sanitize_email($_POST['log']);
    2827    $password=sanitize_text_field($_POST['pwd']);
     
    3534 
    3635 
    37   #echo "Tone session=".$session->token( 'token' );
     36 
    3837 
    3938    // try to log into the external service or database with username and password
     
    8988        header("Location:".get_page_link(MY_PROFILE_PAGE));
    9089    }
    91    
     90    }
    9291}
    9392// redirect for registration and lost password
     
    263262    } else {
    264263    $response = jwtl_GetLogin( $login_0,$password_1 );
    265    
    266    
     264 
    267265    $valid=jwtl_ValidateToken($response['data']['token'],$response['data']['secret']);
    268    
     266 
    269267    // if external authentication was successful
    270268    if( $valid[0]  == "invalid" ) {
     
    285283    } else {
    286284        $my_plugin = plugin_dir_path( __FILE__ );
     285     
    287286        $servercode=$valid[6];
    288287        $token=$response['data']['token'];
Note: See TracChangeset for help on using the changeset viewer.