Check if 2FA is set up

  • Resolved enkirch

    (@enkirch)


    1 year, 8 months ago

    hi,
    I have a custom theme here that uses the login_redirect filter. Here I decide depending on the user role where the user is redirected.

    Now I have set 2FA to required for a specific user role in my test environment. But this user has not set up 2FA.

    When this user logs in now, he is redirected directly to his page.

    So,

    if( user == userole ){
    $URL = redirect To Normal Page;
	return URL;
}

    At this point, how can I query whether the user who is logging in already has 2FA set up or not? Whether it is necessary for him etc?

    So that I can do this here?

    if( user == userole ){
	
    if(UserhatSetup2FA == true ){
        $URL = redirect To Normal Page;
    }else{
        $URL = redirect To WordPress Profile WordFence 2FA View;
    }

	return $URL;
}
Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter enkirch

    (@enkirch)

    so I need the following information:

    - A list of the user roles that have 2FA enabled.
- Based on the UserID of the user who logs in
-- Whether he has 2FA set up
-- Whether he can still log in via 2FA or he has to reset something

    Plugin Support wfpeter

    (@wfpeter)

    Hi @enkirch, thanks for getting in touch.

    At the moment, we support our Login Security features on the default WordPress and WooCommerce login/registration forms only.

    Other developers could have written custom solutions to operations they’d like to hook into and may have documented or blogged about them. However, we’re unable to provide any support for custom code because our own future plugin updates may cause some to break and we don’t have the resources to follow-up on independent development cases.

    If you are developing a plugin and wish to work with us, you can contact genbiz @ wordfence . com

    Many thanks,
    Peter.

    Thread Starter enkirch

    (@enkirch)

    Hi,

    ok is there a docoumentation about the stuff you save in the user meta ?

    (
    [2a0469a6-5699-43bc-8d49-6450bfc80cc4] => Array
        (
            [severity] => critical
            [messageHTML] => You do not currently have two-factor authentication active on your account, which will be required beginning March 21, 2023 9:22 AM. Configure 2FA
            [category] => wfls-will-be-required
        )

)

    I found this in the user-meta.

    Unfortunately, that’s exactly what it said when 2FA was not active for that user or user role.
    Something like that would be enough.

    And if there is no documentation, it would be possible to explain once the points “severity” and “category” and what “wfls” means. the “wf” in “wfls” stands for Wordfence, but what is the “ls”?

    Thread Starter enkirch

    (@enkirch)

    Just saw the new shortcode management. this is awesome so far!

    Now, the only thing i need is, a way to display a banner everywhere, if the 2fa is not set up and is necessary soon.(with the expiration date)

    The banner you’re already showing in the wp-admin.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Check if 2FA is set up’ is closed to new replies.