get_keys(); $records[ $token ] = array( 'hashed_key' => wp_fast_hash( $key ), 'created_at' => time(), ); $this->update_keys( $records ); do_action( 'generate_recovery_mode_key', $token, $key ); return $key; } public function validate_recovery_mode_key( $token, $key, $ttl ) { $records = $this->get_keys(); if ( ! isset( $records[ $token ] ) ) { return new WP_Error( 'token_not_found', __( 'Recovery Mode not initialized.' ) ); } $record = $records[ $token ]; $this->remove_key( $token ); if ( ! is_array( $record ) || ! isset( $record['hashed_key'], $record['created_at'] ) ) { return new WP_Error( 'invalid_recovery_key_format', __( 'Invalid recovery key format.' ) ); } if ( ! wp_verify_fast_hash( $key, $record['hashed_key'] ) ) { return new WP_Error( 'hash_mismatch', __( 'Invalid recovery key.' ) ); } if ( time() > $record['created_at'] + $ttl ) { return new WP_Error( 'key_expired', __( 'Recovery key expired.' ) ); } return true; } public function clean_expired_keys( $ttl ) { $records = $this->get_keys(); foreach ( $records as $key => $record ) { if ( ! isset( $record['created_at'] ) || time() > $record['created_at'] + $ttl ) { unset( $records[ $key ] ); } } $this->update_keys( $records ); } private function remove_key( $token ) { $records = $this->get_keys(); if ( ! isset( $records[ $token ] ) ) { return; } unset( $records[ $token ] ); $this->update_keys( $records ); } private function get_keys() { return (array) get_option( $this->option_name, array() ); } private function update_keys( array $keys ) { return update_option( $this->option_name, $keys, false ); } }