WP登录尝试 - WP login attempts

我一直有一个策略'插件越少越好'，所以请不要推荐Login Attempts插件，特别是如果它已经好几年没有更新了

话虽如此，我还是找到了这个片段&添加到functions.php:

//Limit Login Attempts
if ( ! class_exists( 'limit_login_attempts' ) ) {
    class limit_login_attempts {
        var $failed_login_limit = 3;                    //Number of authentification accepted
        var $lockout_duration   = 1800;                 //Stop authentification process for 30 minutes: 60*30 = 1800
        var $transient_name     = 'attempted_login';    //Transient used
        public function __construct() {
            add_filter( 'authenticate', array( $this, 'check_attempted_login' ), 30, 3 );
            add_action( 'wp_login_failed', array( $this, 'login_failed' ), 10, 1 );
        }
        /**
         * Lock login attempts of failed login limit is reached
         */
        public function check_attempted_login( $user, $username, $password ) {
            if ( get_transient( $this->transient_name ) ) {
                $datas = get_transient( $this->transient_name );
                if ( $datas['tried'] >= $this->failed_login_limit ) {
                    $until = get_option( '_transient_timeout_' . $this->transient_name );
                    $time = $this->when( $until );
                    //Display error message to the user when limit is reached 
                    return new WP_Error( 'too_many_tried', sprintf( __( '<strong>ERROR</strong>: You have reached authentification limit, you will be able to try again in %1$s.' ) , $time ) );
                }
            }
            return $user;
        }

        /**
         * Add transient
         */
        public function login_failed( $username ) {
            if ( get_transient( $this->transient_name ) ) {
                $datas = get_transient( $this->transient_name );
                $datas['tried']++;
                if ( $datas['tried'] <= $this->failed_login_limit )
                    set_transient( $this->transient_name, $datas , $this->lockout_duration );
            } else {
                $datas = array(
                    'tried'     => 1
                );
                set_transient( $this->transient_name, $datas , $this->lockout_duration );
            }
        }

        /**
         * Return difference between 2 given dates
         * @param  int      $time   Date as Unix timestamp
         * @return string           Return string
         */
        private function when( $time ) {
            if ( ! $time )
                return;
            $right_now = time();
            $diff = abs( $right_now - $time );
            $second = 1;
            $minute = $second * 60;
            $hour = $minute * 60;
            $day = $hour * 24;
            if ( $diff < $minute )
                return floor( $diff / $second ) . ' secondes';
            if ( $diff < $minute * 2 )
                return "about 1 minute ago";
            if ( $diff < $hour )
                return floor( $diff / $minute ) . ' minutes';
            if ( $diff < $hour * 2 )
                return 'about 1 hour';
            return floor( $diff / $hour ) . ' hours';
        }
    }
}
//Enable
new limit_login_attempts();

它不显示任何消息，所以我不知道现在检查它是否正常工作。

我以前从未使用过WP_Error，文档也不是很有用。这个错误应该如何输出或在哪里输出?

我有前端登录，不应该改变任何东西，因为它使用autheniticate和wp_login_failed过滤器/动作，对吧?
这是我第一次听说瞬态&我读到这个值可能不会保存在数据库中。无论如何检查-不在那里。
没有错误

为什么不工作?一些关于如何自己调试的提示也会很棒。

定义为类变量:

var $error = null;

添加到构造函数中:

$this->error = new WP_Error();

在您的情况下，如果有任何错误，请添加

$error->add('login_atttempts', 'Your message!');

你可以在末尾检查:

$errors = $error->get_error_messages();
if( ! empty($errors)) {
   wp_die($error) // You can pass the whole WP_Error object to wp_die()
}