two_factor_user_authenticated
Fires after a user has successfully authenticated via two-factor authentication.
add_action( 'two_factor_user_authenticated', $callback, 10, 1 );
Description
Fires after a user has successfully authenticated via two-factor authentication. Developers can use this hook to perform actions immediately following a successful two-factor login, such as updating user meta, triggering custom notifications, or initiating further user-specific processes. The authenticated user object is passed as an argument.
Usage
add_action( 'two_factor_user_authenticated', 'your_function_name', 10, 1 );Parameters
-
$user(mixed) - The user object for the currently authenticated user.
Examples
<?php
/**
* Example function to hook into the 'two_factor_user_authenticated' action.
* This function could be used to log the successful two-factor authentication.
*
* @param WP_User $user The user object of the authenticated user.
*/
function my_log_two_factor_authentication( WP_User $user ) {
// Ensure we have a user object with an ID.
if ( ! $user instanceof WP_User || ! $user->ID ) {
return;
}
// Log the event to a custom log file or a WordPress transient for auditing.
// In a real-world scenario, you might want more robust logging or error handling.
$log_message = sprintf(
'User ID %d (%s) successfully authenticated using two-factor authentication at %s.',
$user->ID,
$user->user_login,
current_time( 'mysql' )
);
// For demonstration, we'll add it to a transient. In production, consider a dedicated logging system.
$log_entries = get_transient( 'my_two_factor_auth_logs' );
if ( ! $log_entries ) {
$log_entries = array();
}
$log_entries[] = $log_message;
// Limit the number of log entries to prevent transient bloat.
if ( count( $log_entries ) > 50 ) {
$log_entries = array_slice( $log_entries, -50 );
}
set_transient( 'my_two_factor_auth_logs', $log_entries, HOUR_IN_SECONDS * 24 ); // Store logs for 24 hours.
}
// Add the action hook.
// The second parameter '1' indicates that this function expects 1 argument ($user).
add_action( 'two_factor_user_authenticated', 'my_log_two_factor_authentication', 10, 1 );Placement
This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.
Source Code
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-legacy.php:368
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-2.6.php:445
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-2-4.php:400
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-2-3.php:373
src/includes/two-factor/providers/wp-2fa/legacy/class-frontend-login-plus-2fa-2-5.php:399
$remember = ( isset( $_REQUEST['rememberme'] ) ) ? filter_var( $_REQUEST['rememberme'], FILTER_VALIDATE_BOOLEAN ) : ''; //phpcs:ignore
if ( ! empty( $remember ) ) {
$rememberme = true;
}
wp_set_auth_cookie( $user->ID, $rememberme );
do_action( 'two_factor_user_authenticated', $user );
// Check if user has any roles/caps set - if they dont, we know its a "network" user.
if ( is_multisite() && ! get_active_blog_for_user( $user->ID ) && empty( $user->caps ) && empty( $user->caps ) ) {
$redirect_to = user_admin_url();
} else {
$redirect_to = apply_filters( 'login_redirect', esc_url_raw( wp_unslash( $_REQUEST['redirect_to'] ) ), esc_url_raw( wp_unslash( $_REQUEST['redirect_to'] ) ), $user ); //phpcs:ignore
}