

Merge pull request #453 from equalizedigital/hotfix/basic-auth-fix
Hotfix - basic auth fix
SteveJonesDev authored Jan 17, 2024
2 parents 1056ed5 + ef67d44 commit e1d751b
Showing 7 changed files with 99 additions and 79 deletions.
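--- a/accessibility-checker.php
+++ b/accessibility-checker.php
@@ -834,7 +834,13 @@ function edac_summary_ajax() {
 $html['content'] = '';
 
 // password check.
-if ( boolval( get_option( 'edac_password_protected' ) ) === true ) {
+if (
+! (
+EDAC_KEY_VALID === true &&
+edac_check_plugin_active( 'accessibility-checker-pro/accessibility-checker-pro.php' )
+) &&
+\EDAC\Helpers::is_basic_auth()
+) {
 $admin_notices = new \EDAC\Admin_Notices();
 $notice_text = $admin_notices->edac_password_protected_notice_text();
 $html['password_protected'] = $notice_text;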
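Review bot: The "Pro is active" test is written out inline here as `EDAC_KEY_VALID === true && edac_check_plugin_active( ... )`, while the `basicAuth` flag added in includes/enqueue-scripts.php gates on `true === $pro`; if `$pro` is derived differently (its definition is outside the visible hunks), the server-side notice and the editor flag can disagree. Naming the result once, e.g. `$is_pro = true === EDAC_KEY_VALID && edac_check_plugin_active( 'accessibility-checker-pro/accessibility-checker-pro.php' );` followed by `if ( ! $is_pro && \EDAC\Helpers::is_basic_auth() ) {`, also makes the negated group easier to read and matches the Yoda comparisons used in the new helper. edac_summary_ajax() starts and ends outside the hunk.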
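--- a/includes/classes/class-helpers.php
+++ b/includes/classes/class-helpers.php
@@ -207,4 +207,41 @@ public static function is_domain_loopback( $domain ) {
 
 return false;
 }
+
+/**
+* Determine if this site is using basic auth.
+*
+* @return boolean
+*/
+public static function is_basic_auth() {
+
+$key = 'edac_auth_type';
+
+$status = get_transient( $key );
+
+$status = false;
+
+if ( false === $status ) {
+
+//phpcs:disable WordPressVIPMinimum.Functions.RestrictedFunctions.wp_remote_get_wp_remote_get
+$response = wp_remote_get( home_url() );
+if ( ! is_wp_error( $response ) ) {
+$code = wp_remote_retrieve_response_code( $response );
+
+if ( 401 === $code || 403 === $code ) {
+$status = 'basic';
+}
+}
+
+// cache results for up to 30 seconds.
+set_transient( $key, $status, 30 );
+
+}
+
+if ( 'basic' === $status ) {
+return true;
+}
+
+return false;
+}
 }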
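Review bot: The transient is read and then discarded: `$status = false;` directly after `get_transient( $key )` forces the `false === $status` branch on every call, so each call issues a blocking `wp_remote_get( home_url() )`, including the calls added to edac_summary_ajax() and to the admin enqueue array. Even without that line a negative result would not be cached, because `set_transient( $key, false, 30 )` reads back the same as a miss. Drop the reassignment and start the branch with a non-false marker such as `$status = 'none';`. Separately, a 401 or 403 is treated as basic auth without looking at the `WWW-Authenticate` response header, so a 403 from a firewall or maintenance rule would presumably also raise the password-protected notice; the `phpcs:disable` comment also has no matching `phpcs:enable`.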
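--- a/includes/enqueue-scripts.php
+++ b/includes/enqueue-scripts.php
@@ -84,6 +84,7 @@ function edac_admin_enqueue_scripts() {
 'postID' => $post_id,
 'edacUrl' => esc_url_raw( get_site_url() ),
 'edacHeaders' => $headers,
+'basicAuth' => true === $pro ? false : EDAC\Helpers::is_basic_auth(),
 'edacApiUrl' => esc_url_raw( rest_url() . 'accessibility-checker/v1' ),
 'baseurl' => plugin_dir_url( __DIR__ ),
 'active' => $active,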
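Review bot: `'basicAuth'` is set to a PHP boolean, but src/editorApp/index.js compares it with the string `'1'` (`edac_editor_app.basicAuth !== '1'`). That only works if this array goes through a localizer that stringifies scalars (true becomes "1", false becomes ""); the call that consumes the array is outside the hunk, so a comment such as `// Localized as '1' / ''; index.js compares against '1'.` would record the coupling. The class is also written `EDAC\Helpers` here and `\EDAC\Helpers` in accessibility-checker.php; the leading backslash is the safer spelling if this file ever gains a namespace.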
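--- a/includes/options-page.php
+++ b/includes/options-page.php
@@ -77,6 +77,9 @@ function edac_display_welcome_page() {
 */
 function edac_display_options_page() {
 include_once plugin_dir_path( __DIR__ ) . 'partials/settings-page.php';
+
+// force edac_auth_type to reset in case user updates auth options.
+delete_transient( 'edac_auth_type' );
 }
 
 /**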
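--- a/includes/validate.php
+++ b/includes/validate.php
@@ -112,6 +112,7 @@ function edac_validate( $post_ID, $post, $action ) {
 do_action( 'edac_after_get_content', $post_ID, $content, $action );
 
 if ( ! $content['html'] ) {
+delete_transient( 'edac_auth_type' );
 add_option( 'edac_password_protected', true );
 return;
 } else {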
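Review bot: `add_option( 'edac_password_protected', true )` is still written on the line after the new call, but the only reader visible in this commit, the `get_option( 'edac_password_protected' )` check in edac_summary_ajax(), is removed, so the option may now be dead state that is never cleared. If nothing else reads it, remove the write and delete the stored option on upgrade; otherwise add a comment naming the code that still depends on it. The transient name `'edac_auth_type'` is now a string literal in three files, and a small `Helpers` method or class constant would keep the writers and the reader in step. edac_validate() continues outside the hunk.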
5 changes: 3 additions & 2 deletions src/editorApp/checkPage.js
Expand Up @@ -5,11 +5,12 @@ import { showNotice } from './../common/helpers';

const API_URL = edac_editor_app.edacApiUrl;


let HEADERS;
if (typeof (edacp_full_site_scan_app) === 'undefined') {
if (typeof (edacpFullSiteScanApp) === 'undefined') {
HEADERS = edac_editor_app.edacHeaders;
} else {
HEADERS = edacp_full_site_scan_app.edacpHeaders;
HEADERS = edacpFullSiteScanApp.edacpHeaders;
}


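Review bot: The global tested here changes from `edacp_full_site_scan_app` to `edacpFullSiteScanApp` (taking the camelCase lines as the new side, as the page order suggests), but that object is defined outside the code visible in this commit, presumably by the Pro plugin. If an installed Pro version still exposes the old name, `typeof (edacpFullSiteScanApp) === 'undefined'` is true and the code silently uses `edac_editor_app.edacHeaders` instead of the Pro headers. Accepting both names for a release, e.g. `const proApp = window.edacpFullSiteScanApp ?? window.edacp_full_site_scan_app;`, or a comment naming the minimum Pro version, would make the dependency explicit.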
123 changes: 47 additions & 76 deletions src/editorApp/index.js
@@ -1,102 +1,73 @@
import { settings } from './settings';
import { info, debug } from './helpers';
import { showNotice } from './../common/helpers';
import { settings } from './settings';
import { init as initCheckPage } from './checkPage';
import { showNotice } from './../common/helpers';



window.addEventListener('DOMContentLoaded', () => {

const SCANNABLE_POST_TYPE = edac_editor_app.active;

if(SCANNABLE_POST_TYPE && settings.JS_SCAN_ENABLED){

if (SCANNABLE_POST_TYPE && settings.JS_SCAN_ENABLED) {

if(edac_editor_app.pro === '1'){

// Use checkApi from pro instead.
setTimeout(function(){
if (edac_editor_app.pro === '1' || edac_editor_app.basicAuth !== '1') {

setTimeout(function () {
initCheckPage();
}, 250); // Allow page load to fire before init, otherwise we'll have to wait for iframe to load.

} else {

const API_URL = edac_editor_app.edacApiUrl;
const HEADERS = edac_editor_app.edacHeaders;


const checkApi = async () => {
try {
const response = await fetch(API_URL + '/test', {
method: "POST",
headers: HEADERS
});

return response.status;
} catch (error) {
return 401; // Default status for error
}
};


checkApi().then((status) => {

if (status > 400) {

if (status == 401) {

showNotice({
msg: 'Whoops! It looks like your website is currently password protected. The free version of Accessibility Checker can only scan live websites. To scan this website for accessibility problems either remove the password protection or follow the link below to upgrade to Accessibility Checker Pro.',
type: 'warning',
url: 'https://equalizedigital.com/accessibility-checker/pricing/',
label: 'Upgrade',
closeOthers: true
});


//Listen for dispatches from the wp data store so we can trap the update/publish event
let saving = false;
let autosaving = false;


if (wp.data !== undefined && wp.data.subscribe !== undefined) {
wp.data.subscribe(() => {


if (wp.data.select('core/editor').isAutosavingPost()) {
autosaving = true;
}

// Rescan the page if user saves post
if (wp.data.select('core/editor').isSavingPost()) {

saving = true;
} else {
showNotice({
msg: 'Whoops! It looks like there was a problem connecting to the WordPress REST API which is required by Accessibility Checker. Follow the link below for more information:',
type: 'warning',
url: 'https://developer.wordpress.org/rest-api/frequently-asked-questions',
label: 'Rest API',
closeOthers: true
});

debug('Error: Cannot connect to API. Status code is: ' + status);

if (saving) {
saving = false;

if (edac_editor_app.pro !== '1' || edac_editor_app.basicAuth === '1') {
showNotice({
msg: 'Whoops! It looks like your website is currently password protected. The free version of Accessibility Checker can only scan live websites. To scan this website for accessibility problems either remove the password protection or follow the link below to upgrade to Accessibility Checker Pro.',
type: 'warning',
url: 'https://equalizedigital.com/accessibility-checker/pricing/',
label: 'Upgrade',
closeOthers: true
});

}

}
}
} else {

setTimeout(function(){
initCheckPage();
}, 250); // Allow page load to fire before init, otherwise we'll have to wait for iframe to load.

}

}).catch((error) => {


showNotice({
msg: 'Whoops! It looks like there was a problem connecting to the WordPress REST API which is required by Accessibility Checker. Follow the link below for more information:',
type: 'warning',
url: 'https://developer.wordpress.org/rest-api/frequently-asked-questions',
label: 'Rest API',
closeOthers: true

});

debug(error);

});

} else {
debug("Gutenberg is not enabled.");
}





}



}


});
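Review bot: The inner test `edac_editor_app.pro !== '1' || edac_editor_app.basicAuth === '1'` appears to sit in the `else` of `edac_editor_app.pro === '1' || edac_editor_app.basicAuth !== '1'`, where `pro !== '1'` and `basicAuth === '1'` already hold, so it is always true there and can be removed (or, if it was meant as a real guard, it should use `&&`). The page interleaves old and new lines without markers, so that nesting is inferred. If `import { info, debug } from './helpers';` is on the removed side, the remaining `debug("Gutenberg is not enabled.");` call would throw a ReferenceError when `wp.data` is unavailable, so keep a `debug` import if that call stays. `autosaving` also looks write-only in the new listener.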

