Protection of WordPress logins

includes/action_caller.php

@@ -0,0 +1,23 @@
+<?php
+
+if (!isset($loginHandler)) {
+    $loginHandler = new \Bdp\Modules\LimitLoginAttempts\Controllers\LoginHandler();
+}
+
+add_action('wp_login_failed', [$loginHandler, 'onFailedLogin']);
+add_filter('wp_authenticate_user', [$loginHandler, 'onSuccessFullLogin'], 99999, 2);
+add_filter( 'admin_enqueue_scripts', 'enqueue_custom_password_js',10 );
+
+add_action('admin_init', 'admin_init');
+
+if (get_option('kompass_cookies', false)) {
+    $loginHandler->handleCookies();
+    add_action('auth_cookie_bad_username', [$loginHandler, 'checkFailedCookies']);
+    add_action('auth_cookie_valid', [$loginHandler, 'onValidCookie'], 10, 2);
+}
+
+if (isset($_POST['save_kompass_balist_list_type'])) {
+    updateBlockOrAllowList($_POST);
+}
+
+

includes/frontend-functions.php

@@ -16,17 +16,13 @@ function bdp_update_dashboard_style() {
 
 
 function bdp_add_menu_security() {
+
     $moduleLoad = get_admin_url() . 'admin.php?page=' . BDP_LV_PLUGIN_SLUG . '/modules/index.php&loadmodule=';
 
-    add_menu_page(
-        'Sicherheit',
-        'Webseiten-Sicherheit',
-        'manage_options',
-        'site-health.php',
-        '',
-        'dashicons-admin-network',
-        5
-    );
+
+
+
+
 }
 
 function bdp_add_menu_contents() {
@@ -69,7 +65,7 @@ function bdp_add_menu_mein_lv() {
     $moduleLoad = get_admin_url() . 'admin.php?page=' . BDP_LV_PLUGIN_SLUG . '/modules/index.php&loadmodule=';
 
     add_menu_page(
-        'Mein BDP',
+        'Mein BdP',
         'BdP',
         'manage_options',
         $mainSlug,
@@ -113,7 +109,7 @@ function bdp_add_menu_setup() {
 
     add_submenu_page('users.php',
         'Design-Einstellungen',
-        'Design',
+        'Template bearbeiten',
         'manage_options',
         'customize.php?return=/wp-admin/'
     );
@@ -132,6 +128,22 @@ function bdp_add_menu_setup() {
         'manage_options',
         'themes.php'
     );
+
+	add_submenu_page('users.php',
+		'Sicherheit',
+		'Webseiten-Sicherheit',
+		'manage_options',
+		'site-health.php'
+	);
+
+	$loginOption = new \Bdp\Modules\LimitLoginAttempts\Controllers\OptionsPage();
+	add_submenu_page('users.php',
+		'Login-Sicherheit',
+		'Login-Sicherheit',
+		'manage_options',
+		BDP_LV_PLUGIN_SLUG . '-limit-login-attempts',
+		[$loginOption, 'limit_login_option_page']
+	);
 }
 
 function bdp_cleanup_menu()

includes/pre_requires.php

@@ -3,3 +3,4 @@ require_once (ABSPATH . '/wp-admin/includes/plugin.php');
 require_once (ABSPATH . '/wp-admin/includes/class-wp-filesystem-base.php');
 require_once (ABSPATH . '/wp-admin/includes/class-wp-filesystem-direct.php');
 require_once (ABSPATH . '/wp-includes/pluggable.php');
+require_once (ABSPATH . '/wp-admin/includes/template.php');

includes/setup.php

@@ -3,9 +3,12 @@ if ( ! defined( 'WP_PLUGIN_DIR' ) ) {               // Abspath to wp-content/plu
     define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' ); // Full path, no trailing slash.
 }
 
+use Bdp\Modules\LimitLoginAttempts\Controllers\LoginHandler;
+
+
 require_once dirname(__FILE__) . '/pre_requires.php';
 require_once dirname(__FILE__) . '/environment.php';
-
+require_once dirname(__FILE__) . '/spl.php';
 require_once dirname(__FILE__) . '/update.class.php';
 
 require_once BDP_LV_PLUGIN_DIR . 'includes/FileAccess.class.php';
@@ -20,6 +23,10 @@ require_once (BDP_LV_PLUGIN_DIR . '/includes/frontend-functions.php');
 
 require_once (BDP_LV_PLUGIN_DIR . '/modules/security/security.php');
 
+function admin_init()
+{
+	kompass_settings_validators();
+}
 
 bdp_create_menu_structure();
 
@@ -31,6 +38,7 @@ function bdp_kompass_load_plugin_textdomain() {
 
 
 
-#$class =
+$loginHandler = new LoginHandler();
 new BdpVersionChecker();
 #add_filter( 'plugins_api', array( $class, 'info' ), 20, 3 );
+require_once dirname(__FILE__) . '/action_caller.php';

includes/spl.php

@@ -0,0 +1,32 @@
+<?php
+spl_autoload_register(function ($className) {
+
+    if (!str_starts_with($className, 'ProtectLogin\\')) {
+        return;
+    }
+
+    $fileName = str_replace('\\','/', $className);
+    $fileName = str_replace('ProtectLogin/Modules/', 'ProtectLogin/modules/', $fileName);
+    $fileName = str_replace('ProtectLogin/', '', $fileName);
+
+
+
+    $fileName = BDP_LV_PLUGIN_DIR . $fileName . '.php';
+    if (!file_exists($fileName)) {
+        return;
+    }
+
+    require_once $fileName;
+});
+
+$modules = ['LimitLoginAttempts', 'PasswordStrength'];
+$subdirs = ['includes', 'Controllers', 'Views'];
+
+foreach ($modules as $curModule) {
+    foreach ($subdirs as $dir) {
+        $directoryPath = BDP_LV_PLUGIN_DIR . 'modules/' . $curModule . '/' . $dir . '/';
+        foreach (glob($directoryPath . '*.php') as $file) {
+            require_once $file;
+        }
+    }
+}