From d7dbe7fee362d587dfc334135d9581b6216a4295 Mon Sep 17 00:00:00 2001
From: Jake Vanderwerf <get@jakevanderwerf.ca>
Date: Sun, 23 Nov 2025 04:13:56 +0000
Subject: [PATCH] =Timeline block, and feed block updated. DataStore.js refactored to not block rendering

---
 inc/rest/routes/LoginRoutes.php |   21 +++++----------------
 1 files changed, 5 insertions(+), 16 deletions(-)

diff --git a/inc/rest/routes/LoginRoutes.php b/inc/rest/routes/LoginRoutes.php
index ec82f0d..ad47bff 100644
--- a/inc/rest/routes/LoginRoutes.php
+++ b/inc/rest/routes/LoginRoutes.php
@@ -134,14 +134,15 @@
 
 	public function handleLogin(WP_REST_Request $request): WP_REST_Response
 	{
+		$data = $request->get_json_params();
 		// Verify Turnstile
-		if (!$this->verifyTurnstile($request->get_param('cf-turnstile-response') ?? '')) {
+		if (!$this->verifyTurnstile($data['cf-turnstile-response'] ?? '')) {
 			return $this->error('Security verification failed', 'turnstile_failed', 403);
 		}
 
-		$username = $request->get_param('user_email');
-		$password = $request->get_param('user_password');
-		$remember = (bool)$request->get_param('remember_me');
+		$username = sanitize_email($data['user_email'] ?? '');
+		$password = $data['user_password'] ?? '';
+		$remember = (bool)($data['remember_me'] ?? false);
 
 		// Check for account lockout
 		$lockout = $this->checkAccountLockout($username);
@@ -638,18 +639,6 @@
 		return true;
 	}
 
-	protected function verifyTurnstile(string $token): bool
-	{
-		if (!Features::hasIntegration('cloudflare') || !JVB()->connect('cloudflare')->isSetUp()) {
-			return true;
-		}
-
-		if (empty($token)) {
-			return false;
-		}
-
-		return JVB()->connect('cloudflare')->verifyTurnstile($token);
-	}
 
 	/**
 	 * Helper to return error response

--
Gitblit v1.10.0