From 21234f01801bcaac1f317e6b6f54f30d60bf74e0 Mon Sep 17 00:00:00 2001
From: Paul Kevan <paul.kevan@automattic.com>
Date: Tue, 21 Mar 2023 16:40:05 +0000
Subject: [PATCH] Allow TOTP keys to be filterable

Since the discussion in https://github.com/WordPress/two-factor/pull/389 seems to be on-going, the following should allow users of the plugin to decide how they would like to approach the encryption part.

Perhaps we can follow up with solutions after they've been implemented and debate further?
---
 providers/class-two-factor-totp.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/providers/class-two-factor-totp.php b/providers/class-two-factor-totp.php
index 12a80763..36d1c9f3 100644
--- a/providers/class-two-factor-totp.php
+++ b/providers/class-two-factor-totp.php
@@ -420,7 +420,8 @@ public function user_two_factor_options( $user ) {
 	 * @return string
 	 */
 	public function get_user_totp_key( $user_id ) {
-		return (string) get_user_meta( $user_id, self::SECRET_META_KEY, true );
+		$meta = (string) get_user_meta( $user_id, self::SECRET_META_KEY, true );
+		return apply_filters( 'two_factor_totp_get_user_totp_key', $meta, $user_id );
 	}
 
 	/**
@@ -432,6 +433,7 @@ public function get_user_totp_key( $user_id ) {
 	 * @return boolean If the key was stored successfully.
 	 */
 	public function set_user_totp_key( $user_id, $key ) {
+		$key = apply_filters( 'two_factor_totp_set_user_totp_key', $key, $user_id );
 		return update_user_meta( $user_id, self::SECRET_META_KEY, $key );
 	}