Two-Factor plugin for WordPress. View on WordPress.org →
See the readme.txt for installation and usage instructions.
Please report (non-security) issues and open pull requests on GitHub. See below for information on reporting potential security/privacy vulnerabilities.
Join the #core-passwords channel on WordPress Slack (sign up here).
To use the provided development environment, you'll first need to install and launch Docker. Once it's running, the next steps are:
$ git clone https://github.com/wordpress/two-factor.git
$ cd two-factor
$ composer install
$ npm install
$ npm run build
$ npm run env start
See package.json for other available scripts you might want to use during development, like linting and testing.
When you're ready, open a pull request with the suggested changes.
- Run
npm run env start - Run
npm run testornpm run test:watch.
- Create a MySQL database for the tests. Don't reuse an existing database, because all of the data will be deleted every time the tests are run.
- Add the following to your
~/.bashrc, with the values for the database you created above:export WORDPRESS_DB_NAME=wp_tests export WORDPRESS_DB_USER=wp_tests export WORDPRESS_DB_PASSWORD=wp_tests source ~/.bashrc- Run
composer run testorcomposer run test:watch.
To view the code coverage report, you can open a web browser, go to File > Open file..., and then select {path to two-factor}/tests/logs/html/index.html.
Deployments to WP.org plugin repository are handled automatically by the GitHub action .github/workflows/deploy.yml. All merges to the master branch are committed to the trunk directory while all Git tags are pushed as versioned releases under the tags directory.
- PHP codebase doesn't pass the WordPress coding standard checks, see #437.
Created by contributors and released under GPLv2 or later.
Please privately report any potential security issues to the WordPress HackerOne program.