Two Factor Authentication App Support/Compatibility

[mmarj]

Enhancement: Two Factor Authentication App Support/Compatibility

Description: Currently, WPUF doesn't allow to login through [wpuf-login] shortcode/page. As there is no such compatibility with the WPUF. So this is conflicting with such type of 2FA provider plugins.

How to reproduce:

1. Enable any 2FA functionality with a plugin like (Wordfence Login Security or iThemes WordPress Two Factor Authentication Pro Plugin)

2. Then try to login from [wpuf-login] shortcode/page. You will see an error like CODE REQUIRED (http://prntscr.com/ug6ni4)

[jasonb4u]

Hi,

Same with iThemes Security Pro when Two Factor is enabled and trying to sign in, takes me back to the login page and cannot login

[DenisCGN]

same!

[DenisCGN]

Any news?

[Dave-SuperKind]

I recently bumped into this issue after deciding to give Wordfence's 2FA a go on top of WPUF. After comparing results on a vanilla WP site, and trawling through the relevant parts of both WPUF and Wordfence source, I concluded that the only critical component that doesn't load on the WPUF login form template is the "login_enqueue_scripts" hook which Wordfence and presumably other 2FA plugins use to enqueue the necessary styles and JS.

So at the very top of my "[theme]/wpuf/login-form.php" template override I plonked:

do_action('login_enqueue_scripts');

...and it worked first time. It'll probably need some style adjustments, but it works.

[UPDATE:]

It turns out that while 2FA was working for those accounts with it activated, login was semi-broken for non-2FA accounts. I discovered that the "process_login" function hooked to "init" was short-circuiting Wordfence's ajax request, so I've added the following to the beginning of the function in "/wp-user-frontend/includes/free/class-login.php" to prevent it running on ajax requests:

if (defined('DOING_AJAX')) { return; }

That seems to have done the trick for me.