Plugin Single Sign-On (ok)

C:\xampp\htdocs\stephencunnington\wp-content\mu-plugins\sso.php

Tìm hiểu thê plugin https://vi.wordpress.org/plugins/single-sign-on-client/

<?php
/**
Plugin Name: SSO
Author: Garth Mortensen, Mike Hansen
Version: 0.3
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html
 */
function sso_check() {
  if (!isset($_GET['salt']) || !isset($_GET['nonce'])) {sso_req_login();}
  if (sso_check_blocked()) {sso_req_login();}
  $nonce = esc_attr($_GET['nonce']);
  $salt  = esc_attr($_GET['salt']);
  $user;
  if (!empty($_GET['user'])) {
    $user = esc_attr($_GET['user']);
  } else {
    $user = get_users(array('role' => 'administrator', 'number' => 1));
    if (is_array($user) && is_a($user[0], 'WP_User')) {
      $user = $user[0];
      $user = $user->ID;
    } else {
      $user = 0;
    }
  }
  $bounce = $_GET['bounce'];
  $hash   = base64_encode(hash('sha256', $nonce . $salt, false));
  $hash   = substr($hash, 0, 64);
  if (get_transient('sso_token') == $hash) {
    if (is_email($user)) {
      $user = get_user_by('email', $user);
    } else {
      $user = get_user_by('id', (int) $user);
    }
    if (is_a($user, 'WP_User')) {
      wp_set_current_user($user->ID, $user->user_login);
      wp_set_auth_cookie($user->ID);
      do_action('wp_login', $user->user_login, $user);
      delete_transient('sso_token');
      wp_safe_redirect(admin_url($bounce));
    } else {
      sso_req_login();
    }
  } else {
    sso_add_failed_attempt();
    sso_req_login();
  }
  die();
}
add_action('wp_ajax_nopriv_sso-check', 'sso_check');
add_action('wp_ajax_sso-check', 'sso_check');
function sso_req_login() {
  wp_safe_redirect(wp_login_url());
}
function sso_get_attempt_id() {
  return 'sso' . esc_url($_SERVER['REMOTE_ADDR']);
}
function sso_add_failed_attempt() {
  $attempts = get_transient(sso_get_attempt_id(), 0);
  $attempts++;
  set_transient(sso_get_attempt_id(), $attempts, 300);
}
function sso_check_blocked() {
  $attempts = get_transient(sso_get_attempt_id(), 0);
  if ($attempts > 4) {
    return true;
  }
  return false;
}
PreviousTìm hiểu về Single Sign-On (ok)NextVí dụ Sử dụng sẵn thư viện masonry của wordpres (ok)

Last updated