Task: 6607 | Отправка кода авторизации на сайтах

pull/29/head
parent 9148ddd43f
commit 2bd9b7d156
  1. 158
      wp-content/themes/cosmopet/functions.php
  2. 28
      wp-content/themes/cosmopet/modules/footer/assets/js/footer.js

@ -647,43 +647,48 @@ add_action('wp_ajax_send_code', 'send_code');
add_action('wp_ajax_nopriv_send_code', 'send_code'); add_action('wp_ajax_nopriv_send_code', 'send_code');
function send_code() { function send_code() {
$email = $_POST['email']; $email = sanitize_email($_POST['email']);
if (!is_email($email)) {
wp_die(json_encode(['status' => 'error', 'text' => 'Invalid email']));
}
// Generate a random 4-digit code // Generate a random 4-digit code
$string = rand(1234, 9999); $code = sprintf("%04d", mt_rand(1000, 9999));
$ciphering = "AES-128-CTR";
$options = 0; // Store code in a secure session for 5 minutes
$iv = '1234567891011121'; session_start();
$encryption = openssl_encrypt($string, $ciphering, SECRET, $options, $iv); $_SESSION['login_code'] = [
'code' => $code,
// Store encrypted code in a cookie for 5 minutes 'email' => $email,
setcookie('login_code', $encryption, time() + 60 * 5, '/'); 'expires' => time() + (5 * 60)
];
// Prepare email content based on language session_write_close();
if (function_exists('pll_current_language') && pll_current_language() === 'ru') {
$subject = "Проверочный код Cosmopet -" . $string; // Prepare email content
$message = "Привет, это Cosmopet.\n $language = function_exists('pll_current_language') ? pll_current_language() : 'en';
Держите проверочный код!\n if ($language === 'ru') {
" . $string; $subject = "Проверочный код Cosmopet - $code";
$message = "Привет, это Cosmopet.\nВаш проверочный код: $code\nДействителен 5 минут.";
} else { } else {
$subject = "Cosmopet Verification Code -" . $string; $subject = "Cosmopet Verification Code - $code";
$message = "Hello, this is CosmoPet.\n $message = "Hello, this is CosmoPet.\nYour verification code: $code\nValid for 5 minutes.";
Here's your verification code!\n
" . $string;
} }
// Remove email filters for consistent sending // Configure email headers
remove_all_filters('wp_mail_from');
remove_all_filters('wp_mail_from_name');
$headers = array( $headers = array(
'From: Cosmopet <pro@cosmopet.shop>', 'From: Cosmopet <pro@cosmopet.shop>',
'content-type: text/html; charset=utf-8', 'content-type: text/plain; charset=utf-8',
'Reply-To: pro@cosmopet.shop',
); );
// Send email // Send email with fallback logging
wp_mail($email, $subject, $message, $headers); $sent = wp_mail($email, $subject, $message, $headers);
if ($sent) {
wp_die(); wp_die(json_encode(['status' => 'success', 'message' => 'Code sent']));
} else {
error_log("Email failed to send to $email. Error: " . json_encode(error_get_last()));
wp_die(json_encode(['status' => 'error', 'text' => 'Failed to send code']));
}
} }
/** /**
@ -696,82 +701,61 @@ add_action('wp_ajax_nopriv_check_code', 'check_code');
function check_code() { function check_code() {
header("Content-Type: application/json"); header("Content-Type: application/json");
$code = $_POST['code']; $code = sanitize_text_field($_POST['code']);
$email = $_POST['email']; $email = sanitize_email($_POST['email']);
// Generate a random 12-character password session_start();
$alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890@#!()'; if (isset($_SESSION['login_code']) && is_array($_SESSION['login_code'])) {
$pass = array(); $stored_data = $_SESSION['login_code'];
$alphaLength = strlen($alphabet) - 1; if ($stored_data['email'] === $email && $stored_data['code'] === $code && $stored_data['expires'] > time()) {
for ($i = 0; $i < 12; $i++) { // Generate a random password
$n = rand(0, $alphaLength); $password = wp_generate_password(12, true, false);
$pass[] = $alphabet[$n];
}
$pass = implode($pass);
// Check if verification code cookie exists
if (isset($_COOKIE['login_code'])) {
$string = $_COOKIE['login_code'];
$ciphering = "AES-128-CTR";
$options = 0;
$iv = '1234567891011121';
$decryption = openssl_decrypt($string, $ciphering, SECRET, $options, $iv);
if ($decryption === $code) {
if (email_exists($email)) { if (email_exists($email)) {
// Log in existing user // Log in existing user
$user_id = get_user_by('login', $email)->ID; $user = get_user_by('email', $email);
if (empty($user_id)) { wp_set_password($password, $user->ID);
$user_id = get_user_by('email', $email)->ID; $login = wp_signon([
}
wp_set_password($pass, $user_id);
wp_signon(
array(
'user_login' => $email, 'user_login' => $email,
'user_password' => $pass, 'user_password' => $password,
'remember' => 'on', 'remember' => true
) ]);
);
echo json_encode(array( if (!is_wp_error($login)) {
'status' => 'success_auth' // Redirect to admin dashboard
)); update_user_meta($user->ID, 'activated', true);
if (function_exists('update_field')) { wp_die(json_encode(['status' => 'success_auth', 'redirect' => admin_url()]));
update_field('activated', true, 'user_' . $user_id); // Requires ACF
} }
exit();
} else { } else {
// Register new user // Register new user
$user_id = wp_create_user($email, $pass, $email); $user_id = wp_create_user($email, $password, $email);
if (!is_wp_error($user_id)) {
wp_update_user([ wp_update_user([
'ID' => $user_id, 'ID' => $user_id,
'user_email' => $email 'display_name' => $email
]);
$login = wp_signon([
'user_login' => $email,
'user_password' => $password,
'remember' => true
]); ]);
wp_set_auth_cookie($user_id, true); if (!is_wp_error($login)) {
echo json_encode(array( update_user_meta($user_id, 'activated', true);
'status' => 'success_reg' wp_die(json_encode(['status' => 'success_reg', 'redirect' => admin_url()]));
));
if (function_exists('update_field')) {
update_field('activated', true, 'user_' . $user_id); // Requires ACF
} }
exit();
} }
} else {
echo json_encode(array(
'status' => 'error',
'text' => esc_html__('Invalid code', 'woodmart')
));
exit();
} }
} else {
echo json_encode(array(
'status' => 'error',
'text' => esc_html__('The code hasexpired', 'woodmart')
));
exit();
} }
wp_die(); }
// Cleanup expired session data
if (isset($_SESSION['login_code']) && $stored_data['expires'] <= time()) {
unset($_SESSION['login_code']);
}
session_write_close();
wp_die(json_encode(['status' => 'error', 'text' => 'Invalid or expired code']));
} }
/** /**
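Review bot: The comparison `$stored_data['code'] === $code` in check_code (second hunk) has no attempt limit and the stored code is never invalidated, so a 4-digit code can be retried for the whole 5-minute window and still accepted after a successful login. Before `wp_signon` the consumed entry should be dropped with `unset($_SESSION['login_code']);`, each mismatch should count against it, e.g. `$_SESSION['login_code']['attempts'] = ($_SESSION['login_code']['attempts'] ?? 0) + 1;` with the entry removed once a small limit is exceeded, and `hash_equals($stored_data['code'], $code)` is the usual form for the comparison. In send_code (first hunk) `mt_rand(1000, 9999)` is not a cryptographic generator — `random_int(1000, 9999)` is the drop-in replacement — and neither nopriv handler verifies a nonce (`check_ajax_referer`) or throttles requests, so the mail-sending endpoint can be driven from any origin without limit. Note also that `wp_set_password($password, $user->ID)` overwrites the existing user's real password on every code login; `wp_set_auth_cookie($user->ID, true)` would sign the user in without that side effect.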

@ -758,20 +758,20 @@ initCounters()
// counter // counter
// checkbox // checkbox
let checkbox = document.querySelectorAll('.checkbox'); // let checkbox = document.querySelectorAll('.checkbox');
checkbox.forEach(e => { // checkbox.forEach(e => {
e.onclick = function (event) { // e.onclick = function (event) {
let input = e.querySelector('.checkbox__input'); // let input = e.querySelector('.checkbox__input');
if (!e.classList.contains('active')) { // if (!e.classList.contains('active')) {
input.checked = 1; // input.checked = 1;
}else{ // }else{
input.checked = 0; // input.checked = 0;
} // }
e.classList.toggle('active'); // e.classList.toggle('active');
} // }
}) // })
// checkbox // checkbox
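Review bot: The checkbox handler is commented out rather than removed (`// let checkbox = document.querySelectorAll('.checkbox');` through `// })`), which leaves dead code in the bundle; version control already keeps the old implementation, so the block should be deleted, or if it is meant to return, reduced to a single `// TODO(owner): checkbox toggle disabled pending <reason>` comment. The enclosing function (initCounters, per the hunk header) starts and ends outside the hunk.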
