wp_2fa_login_form
Fires after the Two-Factor Authentication login form is displayed, passing user and provider details.
add_action( 'wp_2fa_login_form', $callback, 10, 2 );
Description
Fires after the Two-Factor Authentication login form is displayed. Developers can use this hook to add custom content, modify the form, or integrate additional authentication steps. It passes the current user object and the active provider.
Usage
add_action( 'wp_2fa_login_form', 'your_function_name', 10, 2 );Parameters
-
$user(mixed) - This parameter contains the user object for the currently logged-in user.
-
$provider(mixed) - This parameter contains the user object or user ID of the currently logged-in user for whom the 2FA login form is being displayed.
Examples
add_action( 'wp_2fa_login_form', 'my_custom_2fa_login_form_handler', 10, 2 );
/**
* Custom handler for the wp_2fa_login_form hook to add a custom 2FA method.
*
* This function demonstrates how to hook into the login form and display
* additional fields or instructions for a custom two-factor authentication
* provider if it's selected.
*
* @param WP_User $user The WP_User object of the logged-in user.
* @param string $provider The slug of the currently active 2FA provider.
*/
function my_custom_2fa_login_form_handler( $user, $provider ) {
// Example: If a hypothetical 'sms' 2FA provider is being used, display a custom message.
if ( 'sms' === $provider ) {
echo '<div class="my-custom-sms-2fa-message">';
echo '<p>Please enter the code sent to your registered mobile number ending in XXXX.</p>';
// In a real scenario, you would likely enqueue a script here to handle
// input fields for the SMS code, AJAX submission, etc.
echo '<input type="text" name="sms_code" id="sms_code" class="input" placeholder="Enter SMS Code">';
echo '</div>';
}
// Example: If a hypothetical 'security_question' 2FA provider is being used,
// display fields for answering a security question.
if ( 'security_question' === $provider ) {
// Assuming the user has a meta field storing their security question.
$security_question = get_user_meta( $user->ID, 'user_security_question', true );
if ( $security_question ) {
echo '<div class="my-custom-security-question-form">';
echo '<p>' . esc_html( $security_question ) . '</p>';
echo '<input type="text" name="security_answer" id="security_answer" class="input" placeholder="Your Answer">';
echo '</div>';
} else {
// Handle cases where the security question is not set for the user.
echo '<div class="my-custom-security-question-error">';
echo '<p>Your security question is not configured. Please contact support.</p>';
echo '</div>';
}
}
}
?>Placement
This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.
Source Code
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-2.6.php:694
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-2-4.php:633
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-2-3.php:602
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-2-5.php:632
if ( 'totp' === $provider ) {
TOTP_Wizard_Steps::totp_authentication_page( $user );
} elseif ( 'email' === $provider ) {
$this->two_factor::email_authentication_page( $user );
} elseif ( 'backup_codes' === $provider ) {
$this->two_factor::backup_codes_authentication_page( $user );
} else {
do_action( 'wp_2fa_login_form', $user, $provider );
}
?>
<?php $submit_button_disabled = apply_filters( 'wp_2fa_login_disable_submit_button', false, $user, $provider ); ?>
<?php if ( ! $submit_button_disabled ) : ?>
<?php do_action( 'wp_2fa_login_before_submit_button', $user, $provider ); ?>