2FA: Add pattern to validate phone number format as per E.164 #5538
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## develop #5538 +/- ##
=============================================
- Coverage 31.36% 31.36% -0.01%
Complexity 5028 5028
=============================================
Files 298 298
Lines 22047 22048 +1
=============================================
Hits 6916 6916
- Misses 15131 15132 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Addressing the SonarCloud check that failed, although target="_blank" should handle it
…ic/vip-go-mu-plugins into add/2fa-phone-number-validation
|
|
This pull request has been marked stale because it has been open for 60 days with no activity. If there is no activity within 7 days, it will be closed. This is an automation to keep pull requests manageable and actionable and is not a comment on the quality of this pull request nor on the work done so far. Closed PRs are still valuable to the project and their branches are preserved. |
| @@ -201,12 +201,15 @@ public function user_options( $user ) { | |||
| <?php else : ?> | |||
| <label>Phone Number | |||
| <input name="vip-two-factor-phone" type="tel" | |||
| pattern="^\+[1-9]\d{1,14}$" | |||
There was a problem hiding this comment.
ITU-T specifies that a phone number cannot be longer than fifteen digits, with one to three digits reserved for the country calling code, but valid numbers in Germany have been assigned that are longer than this.
-- https://github.com/google/libphonenumber/blob/master/FALSEHOODS.md
|
This pull request has been marked stale because it has been open for 60 days with no activity. If there is no activity within 7 days, it will be closed. This is an automation to keep pull requests manageable and actionable and is not a comment on the quality of this pull request nor on the work done so far. Closed PRs are still valuable to the project and their branches are preserved. |
|
This pull request has been marked stale because it has been open for 60 days with no activity. If there is no activity within 7 days, it will be closed. This is an automation to keep pull requests manageable and actionable and is not a comment on the quality of this pull request nor on the work done so far. Closed PRs are still valuable to the project and their branches are preserved. |
|
This pull request has been marked stale because it has been open for 60 days with no activity. If there is no activity within 7 days, it will be closed. This is an automation to keep pull requests manageable and actionable and is not a comment on the quality of this pull request nor on the work done so far. Closed PRs are still valuable to the project and their branches are preserved. |
|
@andrea-sdl how did we solve this for VIP Auth? Can we implement similar validation here? |
|
@mjangda for VIP Auth we used https://github.com/jackocnr/intl-tel-input on the frontend, and then validated the phone number via the Twilio API https://github.com/Automattic/vip-auth/blob/d414a80f657954c84026d7fe9dd4799d423ee6be/client-mu-plugins/vip-auth/src/mfa/providers/class-sms.php#L75 |
|
Description
The SMS provider that the two-factor authentication plugin uses rejects any phone number that isn't in E.164 standards.
Here we're applying some client-side validation using HTML to ensure that incorrect phone numbers aren't configured.
Changelog Description
Changed
Pre-review checklist
Pre-deploy checklist
Steps to Test
wp-admin>Tools>Bakery