WP_Recovery_Mode_Link_Service
云策文档标注
概述
WP_Recovery_Mode_Link_Service 是 WordPress 核心类,用于生成和处理恢复模式链接。它通过依赖 WP_Recovery_Mode_Key_Service 和 WP_Recovery_Mode_Cookie_Service 来管理密钥和 Cookie,确保安全进入恢复模式。
关键要点
- 核心功能:生成恢复模式 URL 和处理用户通过 wp-login.php 访问时的恢复模式链接。
- 依赖服务:构造函数接收 WP_Recovery_Mode_Cookie_Service 和 WP_Recovery_Mode_Key_Service 实例,用于 Cookie 设置和密钥生成验证。
- 方法说明:包括 generate_url() 生成 URL、handle_begin_link() 处理链接进入恢复模式、get_recovery_mode_begin_url() 私有方法构建 URL。
- 常量定义:定义了 LOGIN_ACTION_ENTER 和 LOGIN_ACTION_ENTERED 用于动作标识。
- 安全机制:链接通过 token 和 key 验证,确保唯一性和时效性,防止滥用。
代码示例
// 示例:使用 WP_Recovery_Mode_Link_Service 生成恢复模式 URL
$cookie_service = new WP_Recovery_Mode_Cookie_Service();
$key_service = new WP_Recovery_Mode_Key_Service();
$link_service = new WP_Recovery_Mode_Link_Service($cookie_service, $key_service);
$recovery_url = $link_service->generate_url(); // 返回生成的恢复模式链接注意事项
- 链接有效性:同一时间只能有一个有效的恢复模式 URL,确保安全控制。
- 环境要求:handle_begin_link() 方法仅在 wp-login.php 页面且带有正确参数时触发,需注意全局变量和函数依赖。
- 过滤钩子:get_recovery_mode_begin_url() 方法应用了 recovery_mode_begin_url 过滤器,允许开发者自定义 URL 生成逻辑。
原文内容
Core class used to generate and handle recovery mode links.
Methods
| Name | Description |
|---|---|
| WP_Recovery_Mode_Link_Service::__construct | WP_Recovery_Mode_Link_Service constructor. |
| WP_Recovery_Mode_Link_Service::generate_url | Generates a URL to begin recovery mode. |
| WP_Recovery_Mode_Link_Service::get_recovery_mode_begin_url | Gets a URL to begin recovery mode. |
| WP_Recovery_Mode_Link_Service::handle_begin_link | Enters recovery mode when the user hits wp-login.php with a valid recovery mode link. |
Source
class WP_Recovery_Mode_Link_Service {
const LOGIN_ACTION_ENTER = 'enter_recovery_mode';
const LOGIN_ACTION_ENTERED = 'entered_recovery_mode';
/**
* Service to generate and validate recovery mode keys.
*
* @since 5.2.0
* @var WP_Recovery_Mode_Key_Service
*/
private $key_service;
/**
* Service to handle cookies.
*
* @since 5.2.0
* @var WP_Recovery_Mode_Cookie_Service
*/
private $cookie_service;
/**
* WP_Recovery_Mode_Link_Service constructor.
*
* @since 5.2.0
*
* @param WP_Recovery_Mode_Cookie_Service $cookie_service Service to handle setting the recovery mode cookie.
* @param WP_Recovery_Mode_Key_Service $key_service Service to handle generating recovery mode keys.
*/
public function __construct( WP_Recovery_Mode_Cookie_Service $cookie_service, WP_Recovery_Mode_Key_Service $key_service ) {
$this->cookie_service = $cookie_service;
$this->key_service = $key_service;
}
/**
* Generates a URL to begin recovery mode.
*
* Only one recovery mode URL can may be valid at the same time.
*
* @since 5.2.0
*
* @return string Generated URL.
*/
public function generate_url() {
$token = $this->key_service->generate_recovery_mode_token();
$key = $this->key_service->generate_and_store_recovery_mode_key( $token );
return $this->get_recovery_mode_begin_url( $token, $key );
}
/**
* Enters recovery mode when the user hits wp-login.php with a valid recovery mode link.
*
* @since 5.2.0
*
* @global string $pagenow The filename of the current screen.
*
* @param int $ttl Number of seconds the link should be valid for.
*/
public function handle_begin_link( $ttl ) {
if ( ! isset( $GLOBALS['pagenow'] ) || 'wp-login.php' !== $GLOBALS['pagenow'] ) {
return;
}
if ( ! isset( $_GET['action'], $_GET['rm_token'], $_GET['rm_key'] ) || self::LOGIN_ACTION_ENTER !== $_GET['action'] ) {
return;
}
if ( ! function_exists( 'wp_generate_password' ) ) {
require_once ABSPATH . WPINC . '/pluggable.php';
}
$validated = $this->key_service->validate_recovery_mode_key( $_GET['rm_token'], $_GET['rm_key'], $ttl );
if ( is_wp_error( $validated ) ) {
wp_die( $validated, '' );
}
$this->cookie_service->set_cookie();
$url = add_query_arg( 'action', self::LOGIN_ACTION_ENTERED, wp_login_url() );
wp_redirect( $url );
die;
}
/**
* Gets a URL to begin recovery mode.
*
* @since 5.2.0
*
* @param string $token Recovery Mode token created by <a href="https://developer.wordpress.org/reference/functions/generate_recovery_mode_token/">generate_recovery_mode_token()</a>.
* @param string $key Recovery Mode key created by <a href="https://developer.wordpress.org/reference/functions/generate_and_store_recovery_mode_key/">generate_and_store_recovery_mode_key()</a>.
* @return string Recovery mode begin URL.
*/
private function get_recovery_mode_begin_url( $token, $key ) {
$url = add_query_arg(
array(
'action' => self::LOGIN_ACTION_ENTER,
'rm_token' => $token,
'rm_key' => $key,
),
wp_login_url()
);
/**
* Filters the URL to begin recovery mode.
*
* @since 5.2.0
*
* @param string $url The generated recovery mode begin URL.
* @param string $token The token used to identify the key.
* @param string $key The recovery mode key.
*/
return apply_filters( 'recovery_mode_begin_url', $url, $token, $key );
}
}
Changelog
| Version | Description |
|---|---|
| 5.2.0 | Introduced. |