v1.0.1 (#1)

README.md

@@ -20,88 +20,55 @@ composer require log1x/sage-password-protected
 
 ## Usage
 
-Out of the box, this package does absolutely nothing as all values are defaulted to false. To get started, begin passing your values through the provided filters. When passing the password, you must either pass it through `password_hash()` or if using ACF, use my [acf-encrypted-password](https://github.com/log1x/acf-encrypted-password) field.
+Out of the box, this package does absolutely nothing as all values are defaulted to false. To get started, begin passing your values in an array through the provided filter. When passing the password, you must either pass it through `password_hash()` or if using ACF, use my [acf-encrypted-password](https://github.com/log1x/acf-encrypted-password) field.
 
-Below are not only the provided filters, but a personal example of how I use them alongside ACF and [ACF Fluent](https://github.com/samrap/acf-fluent).
+### Configuration
 
-### Filters
+#### Defaults
 
-```php
-/**
- * Returns true if password protection is enabled.
- *
- * @return boolean
- */
-add_filter('password-protected/isActive', function () {
- return Acf::option('password_protected')->get();
-});
-
-/**
- * Returns the password set for password protection.
- *
- * @return string
- */
-add_filter('password-protected/password', function () {
- return Acf::option('password')->get();
-});
-
-/**
- * Returns true if feeds are allowed while password protection is enabled.
- *
- * @return boolean
- */
-add_filter('password-protected/allowFeeds', function () {
- return Acf::option('password_show_feeds')->get();
-});
-
-/**
- * Returns true if admins are allowed to bypass authentication while password protection is enabled.
- *
- * @return boolean
- */
-add_filter('password-protected/allowAdmins', function () {
- return Acf::option('password_allow_administrators')->get();
-});
-
-/**
- * Returns true if users are allowed to bypass authentication while password protection is enabled.
- *
- * @return boolean
- */
-add_filter('password-protected/allowUsers', function () {
- return Acf::option('password_allow_users')->get();
-});
-
-/**
- * Returns true if specific IP Addresses are allowed to bypass authentication while password protection is enabled.
- *
- * @return boolean
- */
-add_filter('password-protected/allowIpAddresses', function () {
- return Acf::option('password_allow_by_ip_address')->get();
-});
+Below are the default / possible configuration values.
 
+```php
 /**
- * Returns the IP addresses allowed to bypass authentication while password protection is enabled.
- *
+ * Default configuration for Sage Password Protected
+ * 
  * @return array
  */
-add_filter('password-protected/allowedIpAddresses', function () {
- return Acf::option('password_allowed_ip_addresses')->get();
+add_filter('password_protected', function () {
+ return [
+ 'active' => false,
+ 'password' => false,
+ 'secret' => $this->secret,
+ 'allowFeeds' => false,
+ 'allowAdmins' => false,
+ 'allowUsers' => false,
+ 'allowIpAddresses' => false,
+ 'allowedIpAddresses' => [],
+ 'title' => $this->name()
+ ];
 });
 ```
 
-You can also filter the page title:
+#### Example
+
+Below is a personal example of how I handle the configuration alongside ACF and [ACF Fluent](https://github.com/samrap/acf-fluent).
 
 ```php
 /**
- * Returns the page title used for the password protection page.
- *
- * @param string $name
- * @return string
+ * Configuration for Sage Password Protected.
+ * 
+ * @return array
  */
-add_filter('password-protected/title', function ($name) {
- return $name . ' | Protected';
+add_filter('password_protected', function () {
+ return [
+ 'active' => Acf::option('password_protected')->get(),
+ 'password' => Acf::option('password')->get(),
+ 'allowFeeds' => Acf::option('password_show_feeds')->get(),
+ 'allowAdmins' => Acf::option('password_allow_administrators')->get(),
+ 'allowUsers' => Acf::option('password_allow_users')->get(),
+ 'allowIpAddresses' => Acf::option('password_allow_by_ip_address')->get(),
+ 'allowedIpAddresses' => Acf::option('password_allowed_ip_addresses')->get(),
+ ];
 });
 ```
 

src/PasswordProtected.php

@@ -59,14 +59,19 @@ public function __construct()
  add_action('template_redirect', [$this, 'showLogin'], -1);
 
  /** Configuration */
- $this->isActive = apply_filters('password-protected/isActive', false);
- $this->password = apply_filters('password-protected/password', false);
- $this->secret = apply_filters('password-protected/passwordSecret', $this->secret);
- $this->allowFeeds = apply_filters('password-protected/allowFeeds', false);
- $this->allowAdmins = apply_filters('password-protected/allowAdmins', false);
- $this->allowUsers = apply_filters('password-protected/allowUsers', false);
- $this->allowIpAddresses = apply_filters('password-protected/allowIpAddresses', false);
- $this->allowedIpAddresses = apply_filters('password-protected/allowedIpAddresses', []);
+ $this->defaults = [
+ 'active' => false,
+ 'password' => false,
+ 'secret' => $this->secret,
+ 'allowFeeds' => false,
+ 'allowAdmins' => false,
+ 'allowUsers' => false,
+ 'allowIpAddresses' => false,
+ 'allowedIpAddresses' => [],
+ 'title' => $this->name()
+ ];
+
+ $this->config = (object) wp_parse_args(apply_filters('password_protected', []), $this->defaults);
 
  /** Initialize WP_Error */
  $this->errors = new \WP_Error();
@@ -126,7 +131,7 @@ public function processLogin()
  */
  public function isActive()
  {
- if ($this->isActive) {
+ if ($this->config->active) {
  return is_robots() ? false : true;
  }
 
@@ -174,7 +179,7 @@ public function disableFeeds()
  */
  protected function allowFeeds()
  {
- if ($this->allowFeeds && is_feed()) {
+ if ($this->config->allowFeeds && is_feed()) {
  return true;
  }
 
@@ -189,7 +194,7 @@ protected function allowFeeds()
  */
  protected function allowAdmins()
  {
- if (!is_admin() && $this->allowAdmins && current_user_can('manage_options')) {
+ if (!is_admin() && $this->config->allowAdmins && current_user_can('manage_options')) {
  return true;
  }
 
@@ -204,7 +209,7 @@ protected function allowAdmins()
  */
  protected function allowUsers()
  {
- if (!is_admin() && $this->allowUsers && is_user_logged_in()) {
+ if (!is_admin() && $this->config->allowUsers && is_user_logged_in()) {
  return true;
  }
 
@@ -218,7 +223,7 @@ protected function allowUsers()
  */
  protected function allowedIpAddress()
  {
- if ($this->allowIpAddresses && $this->getAllowedIpAddresses()) {
+ if ($this->config->allowIpAddresses && is_array($this->getAllowedIpAddresses())) {
  if (in_array($_SERVER['REMOTE_ADDR'], $this->getAllowedIpAddresses())) {
  return true;
  }
@@ -234,9 +239,11 @@ protected function allowedIpAddress()
  */
  protected function getAllowedIpAddresses()
  {
- return collect($this->allowedIpAddresses)
+ return collect($this->config->allowedIpAddresses)
  ->map(function ($address) {
- return $address['ip_address'] ?? $address;
+ return collect($address)
+ ->filter()
+ ->pop();
  })->filter()->toArray();
  }
 
@@ -261,7 +268,7 @@ protected function isAllowed()
  */
  protected function getPassword()
  {
- return $this->password;
+ return $this->config->password;
  }
 
  /**
@@ -346,7 +353,7 @@ public function url()
  */
  public function title()
  {
- return apply_filters('password-protected/title', $this->name());
+ return $this->config->title;
  }
 
  /**
@@ -393,7 +400,7 @@ protected function setCookie()
  'agent' => $this->browserAgent() ?? false
  ]), $this->cipher, $this->secret, false, $this->vector);
 
- return setcookie($this->cookie, $cookie, $this->getCookieDuration(), '/', parse_url(get_home_url(), PHP_URL_HOST), is_ssl(), true);
+ return setcookie($this->cookie, $cookie, $this->getCookieDuration(), COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true);
  }
 
  /**
@@ -403,7 +410,7 @@ protected function setCookie()
  */
  protected function unsetCookie()
  {
- return setcookie($this->cookie, '', -1, '/', parse_url(get_home_url(), PHP_URL_HOST));
+ return setcookie($this->cookie, '', -1, COOKIEPATH, COOKIE_DOMAIN);
  }
 
  /**
@@ -431,7 +438,7 @@ protected function verifyCookie()
  */
  protected function parseCookie()
  {
- if (!$cookie = openssl_decrypt($this->getCookie(), $this->cipher, $this->secret, false, $this->vector)) {
+ if (!$cookie = openssl_decrypt($this->getCookie(), $this->cipher, $this->config->secret, false, $this->vector)) {
  return false;
  }