Support » Plugin: Two-Factor » Enable only for selected roles

  • Resolved sgrx

    (@sgrx)


    Great free plugin, thanks.

    I don’t want subscribers to have a 2FA option in their profile options, which by default they do. How to have the 2FA options only for admins and editors?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Kaspars

    (@kasparsd)

    This is a great idea @sgrx!

    One solution would be to remove the following hooks for all subscribers:

    remove_action( 'show_user_profile', array( 'Two_Factor_Core', 'user_two_factor_options' ) );
    remove_action( 'edit_user_profile', array( 'Two_Factor_Core', 'user_two_factor_options' ) );

    Doing so during admin_init should work just fine:

    add_action( 'admin_init', function() {
        if ( class_exists( 'Two_Factor_Core' ) && current_user_can( 'subscriber' ) ) {
            remove_action( 'show_user_profile', array( 'Two_Factor_Core', 'user_two_factor_options' ) );
            remove_action( 'edit_user_profile', array( 'Two_Factor_Core', 'user_two_factor_options' ) );
        }
    } );

    Thanks!

    This just hides the options if a subscriber views their profile page, correct? Admins would still be able to edit a subscriber and set 2 factor options for them. Can/should that also be disabled to prevent any inconsistencies?

    Also, how long is the email code valid for? 1 hour?

    • This reply was modified 1 year, 10 months ago by sgrx.
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Enable only for selected roles’ is closed to new replies.