Mohamed Endisha
Forum Replies Created
-
Forum: Plugins
In reply to: [Secure Passkeys] You are not authorized to make this request.@bandy1967 Yes, please revert everything back. Just one more thing to confirm the issue:
Open these two files again:
- plugins/secure-passkeys/src/ajax/secure-passkeys-adminarea-settings-ajax.php
- plugins/secure-passkeys/src/ajax/secure-passkeys-adminarea-ajax.php
Replace
if (!$is_admin_requst || !wp_doing_ajax()) {with
if (!wp_doing_ajax()) {This should fix your issue. The fix will be included in the next release (coming soon). For now, please confirm that this resolves your issue so we can prepare the release.
Forum: Plugins
In reply to: [Secure Passkeys] You are not authorized to make this request.@bandy1967 Great that you wrote the message in German
I think troubleshooting this won’t be easy, but if you want to help identify the issue, please do the following:
- Open these two files:
plugins/secure-passkeys/src/ajax/secure-passkeys-adminarea-settings-ajax.php plugins/secure-passkeys/src/ajax/secure-passkeys-adminarea-ajax.php- In both files, locate the method
throw_error_if_invalid_request(). - Inside that method, search for:
$message = __('You do not have permission to make this request.', 'secure-passkeys');- Comment out that line by adding
//at the beginning, like this:
//$message = __('You do not have permission to make this request.', 'secure-passkeys');This is just to check if the issue is related to the
HTTP_REFERER.Forum: Plugins
In reply to: [Secure Passkeys] You are not authorized to make this request.The message “You are not authorized to make this request.” does not come from the Secure Passkeys plugin, and WordPress itself does not include this error message. Are you sure?
I recommend checking the Network > Fetch/XHR tab in your browser’s developer tools, then refreshing the page to inspect the request and response payload. This will help identify whether the error is coming from the plugin itself or from a conflict with another plugin.
Forum: Plugins
In reply to: [Secure Passkeys] Fatal ErrorRelease 1.2.0 has been published and is now available. This update includes a fix for this issue.
Forum: Plugins
In reply to: [Secure Passkeys] Fatal ErrorGreat, Please stay tuned, the next release is coming soon.
Forum: Plugins
In reply to: [Secure Passkeys] Fatal Error@kiandept Yes, I’m aware it’s running locally on Windows, which is why I asked you to log the autoloader to help me identify the issue.
Open:/secure-passkeys/src/core/secure-passkeys-autoloader.phpReplace
private function get_class_file(string $class): string
{
$class_file = strtolower(str_replace('_', '-', $class));
$class_file = str_replace('\\', DIRECTORY_SEPARATOR, $class_file);
$class_file = str_replace(SECURE_PASSKEYS_PLUGIN_BASENAME . '/', '', $class_file);
return SECURE_PASSKEYS_PLUGIN_DIR . '/src/' . $class_file . '.php';
}With:
private function get_class_file(string $class): string
{
$class_file = strtolower(str_replace('_', '-', $class));
$class_file = str_replace('\\', '/', $class_file);
$basename = strtolower(str_replace('\\', '/', SECURE_PASSKEYS_PLUGIN_BASENAME . '/'));
if (strpos($class_file, $basename) === 0) {
$class_file = substr($class_file, strlen($basename));
}
$class_file = str_replace('/', DIRECTORY_SEPARATOR, $class_file);
return SECURE_PASSKEYS_PLUGIN_DIR . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . $class_file . '.php';
}Finally, please try this one, it should resolve the issue, if it does, please confirm.
Forum: Plugins
In reply to: [Secure Passkeys] Fatal Error@kiandept Thank you for sharing the debug info. this issue is likely caused by something specific in environment.
Could you please check the following:
- File permissions: Ensure all plugin files and folders have proper read permissions for the web server (usually
644for files and755for folders). - Clear PHP caches: If your server uses OPCache or any PHP cache, please clear it or restart your PHP process.
- PHP version: Confirm your PHP version is supported (7.4+ or 8.x).
Also, if possible, please help us gather more detailed debugging info by doing the following:
1. Open the file:
/secure-passkeys/src/core/secure-passkeys-autoloader.php2. Find
private function get_class_file(string $class): string
{
$class_file = strtolower(str_replace('_', '-', $class));
$class_file = str_replace('\\', DIRECTORY_SEPARATOR, $class_file);
$class_file = str_replace(SECURE_PASSKEYS_PLUGIN_BASENAME . '/', '', $class_file);
return SECURE_PASSKEYS_PLUGIN_DIR . '/src/' . $class_file . '.php';
}3. Replace it with:
private function get_class_file(string $class): string
{
$logs = [];
$logs[] = SECURE_PASSKEYS_PLUGIN_FILE;
$logs[] = SECURE_PASSKEYS_PLUGIN_DIR;
$logs[] = DIRECTORY_SEPARATOR;
$logs[] = $class;
$class_file = strtolower(str_replace('_', '-', $class));
$class_file = str_replace('\\', DIRECTORY_SEPARATOR, $class_file);
$class_file = str_replace(SECURE_PASSKEYS_PLUGIN_BASENAME . '/', '', $class_file);
$logs[] = $class_file;
$logs[] = SECURE_PASSKEYS_PLUGIN_DIR . '/src/' . $class_file . '.php';
$logs[] = file_exists(SECURE_PASSKEYS_PLUGIN_DIR . '/src/' . $class_file . '.php');
if(strpos(strtolower($class),'application') !== false){
error_log(print_r($logs,true),3,__DIR__.'/logs.log');
}
return SECURE_PASSKEYS_PLUGIN_DIR . '/src/' . $class_file . '.php';
}4. Then refresh the site once to generate the log file.
This will create a
logs.logfile inside/secure-passkeys/src/core/. Please share the contents of that log file with me — it will help identify exactly how your environment is resolving paths and separators.After that, you can remove this debug code to keep things clean and I hope this will give me full clarification of your issue.
Forum: Plugins
In reply to: [Secure Passkeys] Fatal ErrorUnfortunately, I cannot reproduce the issue, it works on my end. I have already tested it on local, shared hosting, VPS, and dedicated servers.
Could you please provide more details about the error? Check the
error_logfile on your server for relevant entries.Also, please enable WordPress debugging and share the debug output so we can see what happened:
https://developer.wordpress.org/advanced-administration/debug/debug-wordpress/Forum: Plugins
In reply to: [Secure Passkeys] PHP Warning on Activity ListThanks a lot, that means a lot to me, I’m glad my code has been helpful to you.
Forum: Plugins
In reply to: [Secure Passkeys] how to disable activity logsFollowing your suggestion, disabling activity logs is now a built-in optional feature in version 1.1.0, which has now been released.
Forum: Plugins
In reply to: [Secure Passkeys] Auto generate Security Key NameFollowing your suggestion, auto-generating key names is now a built-in optional feature in version 1.1.0, which has now been released.
Forum: Plugins
In reply to: [Secure Passkeys] PHP Warning on Activity ListThank you. I’ve included the fix at the last moment in the 1.1.0 release. It is now available and the issue has been fixed.
Forum: Plugins
In reply to: [Secure Passkeys] Magic login placement adjustmentTo be compatible with the Magic Login plugin style, please follow these steps:
1. Add a Custom Template
In your theme directory, create a folder named
secure-passkeysand add a file namedlogin.custom.phpwith the following content:/wp-content/themes/your-theme/secure-passkeys/login.custom.php<?php
/**
* Login Custom template
*
* @package SecurePasskeys
*/
defined('ABSPATH') || exit;
?>
<script>
document.addEventListener("DOMContentLoaded", function () {
const box = document.getElementById("secure-passkey-login-container");
const submit = document.querySelector(".continue-with-magic-login");
if (box && submit) {
submit.insertAdjacentElement("afterend", box);
}
if (box) {
box.style.display = "block";
}
});
</script>
<div class="secure-passkey-login-wrapper" id="secure-passkey-login-container" style="display: none;text-align: center;border:0;margin-top: 0;padding: 0;">
<span class="magic-login-or-separator"></span>
<div id="errorMessage" class="notice notice-error" style="display: none;"></div>
<div id="successMessage" class="notice notice-success" style="display: none;"></div>
<button id="login-via-passkey" class="button button-primary button-hero login-via-passkey" style="width: 100%;">
<span id="spinnerText" style="display: none;"><?php esc_html_e('Login via Passkey..', 'secure-passkeys') ;?></span>
<span id="buttonText"><?php esc_html_e('Login via Passkey', 'secure-passkeys') ;?></span>
</button>
</div>2- Register the Template in
functions.phpIn your theme’s
/wp-content/themes/your-theme/functions.php add the following code:<?php
add_filter('secure_passkeys_include_view_frontend_file', function ($file_path, $theme, $template) {
if ($template === 'login.default') {
$custom_file_path = __DIR__ . '/secure-passkeys/login.custom.php';
if (file_exists($custom_file_path)) {
$file_path = $custom_file_path;
}
}
return $file_path;
}, 10, 3);
sNote: If you change the folder or file name, make sure to update the path in the code accordingly.
Output: https://ibb.co/fzWz1Q1n
Forum: Plugins
In reply to: [Secure 2FA] Front EndSecure 2FA currently does not support custom login pages and only works with the default WordPress login page. We will evaluate the possibility of adding support for custom pages in a future release.
Thanks
Thank you for your feedback
This can be implemented outside the plugin itself. You can check if the user doesn’t have any registered passkeys and then display an alert or prompt on the login redirect page, encouraging them to create one. This provides a flow and reduces the number of steps for users.
I’ll review this logic to determine if it makes sense to include it as a built-in option in a future update or not.