From b885c812a9da47ffeb8a9dc1c2b29d9f5378c074 Mon Sep 17 00:00:00 2001
From: Josh Cunningham <josh@joshcanhelp.com>
Date: Mon, 26 Mar 2018 17:33:52 -0700
Subject: [PATCH] Combining Lock init process; removing unused templates; Lock
 login form id constant

---
 WP_Auth0.php                          |  3 +-
 assets/js/lock-init.js                | 42 +++++++++++++++
 assets/js/login-pwl.js                | 43 ---------------
 assets/lib/js.cookie.min.js           |  1 +
 lib/WP_Auth0_Embed_Widget.php         |  4 +-
 lib/WP_Auth0_Lock10_Options.php       | 18 +++----
 lib/WP_Auth0_Lock_Options.php         |  2 +-
 readme.txt                            | 14 ++---
 templates/auth0-login-form-lock10.php | 76 ---------------------------
 templates/auth0-login-form-pwl.php    | 39 --------------
 templates/auth0-login-form.php        | 27 ++++++++++
 templates/error-msg.php               | 34 ------------
 templates/login-form.php              | 69 +++++++++++++-----------
 13 files changed, 124 insertions(+), 248 deletions(-)
 create mode 100644 assets/js/lock-init.js
 delete mode 100644 assets/js/login-pwl.js
 create mode 100644 assets/lib/js.cookie.min.js
 delete mode 100644 templates/auth0-login-form-lock10.php
 delete mode 100644 templates/auth0-login-form-pwl.php
 create mode 100644 templates/auth0-login-form.php
 delete mode 100644 templates/error-msg.php

diff --git a/WP_Auth0.php b/WP_Auth0.php
index 52ae1919..b9bb3f2b 100644
--- a/WP_Auth0.php
+++ b/WP_Auth0.php
@@ -21,6 +21,7 @@
 define( 'WPA0_LOCK_CDN_URL', 'https://cdn.auth0.com/js/lock/11.5/lock.min.js' );
 define( 'WPA0_AUTH0_JS_CDN_URL', 'https://cdn.auth0.com/js/auth0/9.4/auth0.min.js' );
 
+define( 'WPA0_AUTH0_LOGIN_FORM_ID', 'auth0-login-form' );
 define( 'WPA0_CACHE_GROUP', 'wp_auth0' );
 define( 'WPA0_STATE_COOKIE_NAME', 'auth0_state' );
 define( 'WPA0_JWKS_CACHE_TRANSIENT_NAME', 'WP_Auth0_JWKS_cache' );
@@ -130,7 +131,6 @@ public function init() {
 		$this->check_signup_status();
 
 		if ( $this->a0_options->get( 'auto_login' ) ) {
-		  
 			WP_Auth0_Nonce_Handler::getInstance()->setCookie();
 		}
 
@@ -400,7 +400,6 @@ public function render_form( $html ) {
 		ob_start();
 		require_once WPA0_PLUGIN_DIR . 'templates/login-form.php';
 		renderAuth0Form();
-
 		return ob_get_clean();
 	}
 
diff --git a/assets/js/lock-init.js b/assets/js/lock-init.js
new file mode 100644
index 00000000..d69ab921
--- /dev/null
+++ b/assets/js/lock-init.js
@@ -0,0 +1,42 @@
+/* globals jQuery, console, Cookies, wpAuth0LockGlobal, Auth0Lock, Auth0LockPasswordless */
+jQuery(document).ready(function ($) {
+    var opts = wpAuth0LockGlobal;
+    var loginForm = $( '#' + opts.loginFormId );
+
+    // Missing critical Auth0 settings
+    if ( ! opts.ready || ! loginForm.length ) {
+        $( '#form-signin-wrapper' ).hide();
+        $( '#loginform' ).show();
+        $( '#login' ).find( 'h1' ).show();
+
+        if ( ! opts.ready ) {
+            console.error( opts.i18n.notReadyText );
+        }
+        if ( ! loginForm.length ) {
+            console.error( opts.i18n.cannotFindNodeText + '"' + opts.loginFormId + '"' );
+        }
+        return;
+    }
+
+    // Set state cookie to verify during callback
+    Cookies.set( opts.stateCookieName, opts.settings.auth.params.state );
+
+    // Set Lock to standard or Passwordless
+    var Lock = opts.usePasswordless
+        ? new Auth0LockPasswordless( opts.clientId, opts.domain, opts.settings )
+        : new Auth0Lock( opts.clientId, opts.domain, opts.settings );
+
+    // Check if we're showing as a modal, can be used in shortcodes and widgets
+    if ( opts.showAsModal ) {
+        $( '<button>' )
+            .text( opts.i18n.modalButtonText )
+            .attr( 'id', 'a0LoginButton' )
+            .insertAfter( loginForm )
+            .click( function () {
+                Lock.show();
+            } );
+    } else {
+        Lock.show();
+    }
+});
+
diff --git a/assets/js/login-pwl.js b/assets/js/login-pwl.js
deleted file mode 100644
index a2aff574..00000000
--- a/assets/js/login-pwl.js
+++ /dev/null
@@ -1,43 +0,0 @@
-/* globals jQuery, console, alert, wpAuth0PwlGlobal, Auth0LockPasswordless */
-jQuery(document).ready(function ($) {
-
-    var formWrapper = $( '#form-signin-wrapper' );
-    var modalButton = $( '#a0LoginButton' );
-
-    // Missing critical Auth0 settings
-    if ( ! wpAuth0PwlGlobal.lock.ready ) {
-        formWrapper.hide();
-        $( '#loginform' ).show();
-        $( '#login' ).find( 'h1' ).show();
-        return;
-    }
-
-    // General Lock options pulled from the settings
-    var options = wpAuth0PwlGlobal.lock.options;
-
-    // Extra options are set in the shortcode and widget
-    var extraOptions = formWrapper.attr( 'data-auth0-opts' );
-
-    if ( extraOptions ) {
-        try {
-            extraOptions = JSON.parse( extraOptions );
-            $.extend( options, extraOptions );
-        } catch ( err ) {
-            // TODO: better handling
-            console.log( err.message );
-        }
-    }
-
-    var Lock = new Auth0LockPasswordless(
-        wpAuth0PwlGlobal.lock.clientId,
-        wpAuth0PwlGlobal.lock.domain,
-        options
-    );
-
-    if ( extraOptions.show_as_modal ) {
-        modalButton.click( Lock.show );
-    } else {
-        Lock.show();
-    }
-});
-
diff --git a/assets/lib/js.cookie.min.js b/assets/lib/js.cookie.min.js
new file mode 100644
index 00000000..1530cfad
--- /dev/null
+++ b/assets/lib/js.cookie.min.js
@@ -0,0 +1 @@
+!function(e){var n=!1;if("function"==typeof define&&define.amd&&(define(e),n=!0),"object"==typeof exports&&(module.exports=e(),n=!0),!n){var o=window.Cookies,t=window.Cookies=e();t.noConflict=function(){return window.Cookies=o,t}}}(function(){function e(){for(var e=0,n={};e<arguments.length;e++){var o=arguments[e];for(var t in o)n[t]=o[t]}return n}function n(o){function t(n,r,i){var c;if("undefined"!=typeof document){if(arguments.length>1){if("number"==typeof(i=e({path:"/"},t.defaults,i)).expires){var a=new Date;a.setMilliseconds(a.getMilliseconds()+864e5*i.expires),i.expires=a}i.expires=i.expires?i.expires.toUTCString():"";try{c=JSON.stringify(r),/^[\{\[]/.test(c)&&(r=c)}catch(e){}r=o.write?o.write(r,n):encodeURIComponent(String(r)).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g,decodeURIComponent),n=(n=(n=encodeURIComponent(String(n))).replace(/%(23|24|26|2B|5E|60|7C)/g,decodeURIComponent)).replace(/[\(\)]/g,escape);var s="";for(var f in i)i[f]&&(s+="; "+f,!0!==i[f]&&(s+="="+i[f]));return document.cookie=n+"="+r+s}n||(c={});for(var p=document.cookie?document.cookie.split("; "):[],d=/(%[0-9A-Z]{2})+/g,u=0;u<p.length;u++){var l=p[u].split("="),C=l.slice(1).join("=");this.json||'"'!==C.charAt(0)||(C=C.slice(1,-1));try{var g=l[0].replace(d,decodeURIComponent);if(C=o.read?o.read(C,g):o(C,g)||C.replace(d,decodeURIComponent),this.json)try{C=JSON.parse(C)}catch(e){}if(n===g){c=C;break}n||(c[g]=C)}catch(e){}}return c}}return t.set=t,t.get=function(e){return t.call(t,e)},t.getJSON=function(){return t.apply({json:!0},[].slice.call(arguments))},t.defaults={},t.remove=function(n,o){t(n,"",e(o,{expires:-1}))},t.withConverter=n,t}return n(function(){})});
\ No newline at end of file
diff --git a/lib/WP_Auth0_Embed_Widget.php b/lib/WP_Auth0_Embed_Widget.php
index 5aaa0a90..9da9de8b 100644
--- a/lib/WP_Auth0_Embed_Widget.php
+++ b/lib/WP_Auth0_Embed_Widget.php
@@ -44,8 +44,8 @@ public function widget( $args, $instance ) {
 
 			$instance['show_as_modal'] = $this->showAsModal();
 			$instance['modal_trigger_name'] = isset( $instance['modal_trigger_name'] )
-        ? $instance['modal_trigger_name']
-        : __( 'Login', 'wp-auth0' );
+				? $instance['modal_trigger_name']
+				: __( 'Login', 'wp-auth0' );
 
 			if ( !isset( $instance['redirect_to'] ) || empty($instance['redirect_to']) ) {
 				$instance['redirect_to'] = home_url( $_SERVER["REQUEST_URI"] );
diff --git a/lib/WP_Auth0_Lock10_Options.php b/lib/WP_Auth0_Lock10_Options.php
index baff5033..2142b36d 100644
--- a/lib/WP_Auth0_Lock10_Options.php
+++ b/lib/WP_Auth0_Lock10_Options.php
@@ -7,8 +7,6 @@ class WP_Auth0_Lock10_Options {
   protected $signup_mode = false;
   protected $_scopes = 'openid email name nickname picture';
 
-  const PWL_CDN_URL = '//cdn.auth0.com/js/lock/11.5/lock.min.js';
-
   /**
    * WP_Auth0_Lock10_Options constructor.
    *
@@ -233,19 +231,16 @@ public function get_lock_options() {
     if ( isset( $this->extended_settings['redirect_to'] ) ) {
       $redirect_to = $this->extended_settings['redirect_to'];
     }
-    $state = $this->get_state_obj( $redirect_to );
-
-    $options_obj = $this->build_settings( $this->wp_options->get_options() );
-    $extended_settings = $this->build_settings( $extended_settings );
 
     $extraOptions = array(
       "auth"    => array(
-        "params" => array("state" => $state ),
+        "params" => array(
+          "state" => $this->get_state_obj( $redirect_to ),
+          "scope" => apply_filters( 'auth0_auth_param_scopes', $this->_scopes ),
+        ),
       ),
     );
 
-    $extraOptions["auth"]["params"]["scope"] = apply_filters( 'auth0_auth_param_scopes', $this->_scopes );
-
     if ( $this->get_auth0_implicit_workflow() ) {
       $extraOptions["auth"]["responseType"] = 'id_token';
       $extraOptions["auth"]["redirectUrl"] = $this->get_implicit_callback_url();
@@ -255,10 +250,13 @@ public function get_lock_options() {
       $extraOptions["auth"]["redirectUrl"] = $this->get_code_callback_url();
     }
 
+    $options_obj = $this->build_settings( $this->wp_options->get_options() );
+    $extended_settings = $this->build_settings( $extended_settings );
+
     $options_obj = array_replace_recursive( $extraOptions, $options_obj, $extended_settings );
 
     if ( ! $this->show_as_modal() ) {
-      $options_obj['container'] = 'auth0-login-form';
+      $options_obj['container'] = WPA0_AUTH0_LOGIN_FORM_ID;
     }
 
     if ( ! $this->is_registration_enabled() ) {
diff --git a/lib/WP_Auth0_Lock_Options.php b/lib/WP_Auth0_Lock_Options.php
index 01b8bc88..1fb2e8c1 100644
--- a/lib/WP_Auth0_Lock_Options.php
+++ b/lib/WP_Auth0_Lock_Options.php
@@ -226,7 +226,7 @@ public function get_lock_options() {
 		$options_obj = array_merge( $extraOptions, $options_obj, $extended_settings );
 
 		if ( ! $this->show_as_modal() ) {
-			$options_obj['container'] = 'auth0-login-form';
+			$options_obj['container'] = WPA0_AUTH0_LOGIN_FORM_ID;
 		}
 
 		if ( ! $this->is_registration_enabled() ) {
diff --git a/readme.txt b/readme.txt
index 2b4a8580..843fb966 100644
--- a/readme.txt
+++ b/readme.txt
@@ -124,7 +124,7 @@ Yes, this plugin will override the default WooCommerce login forms with the Auth
 All is not lost!
 
 * If you're setting up the plugin for the first time or having issues with users logging in, please review the [configuration](https://auth0.com/docs/cms/wordpress/configuration) and [troubleshooting](https://auth0.com/docs/cms/wordpress/troubleshoot) pages at [auth0.com/docs](https://auth0.com/docs/cms/wordpress/).
-* If you found a bug in the plugin code [submit an issue](https://github.com/auth0/wp-auth0/issues) or [create a pull request](https://github.com/auth0/wp-auth0/pulls) on [GitHub](https://github.com/auth0/wp-auth0/).
+* If you found a bug in the plugin code [submit an issue](https://github.com/auth0/wp-auth0/issues) or [create a pull request](https://github.com/auth0/wp-auth0/pulls) on GitHub.
 * If you have questions about how to use Auth0 or the plugin, please [post on our community site](https://community.auth0.com/) or create a [support forum request here](https://wordpress.org/support/plugin/auth0).
 * You can also see additional documentation and answers on our [support site](https://support.auth0.com/). Customers on a paid Auth0 plan can [submit a trouble ticket](https://support.auth0.com/tickets) for a fast response.
 
@@ -132,14 +132,10 @@ All is not lost!
 
 All is not lost!
 
-* If you're setting up the plugin for the first time or having issues after an upgrade, please review the [configuration
- page at auth0.com/docs](https://auth0.com/docs/cms/wordpress/configuration)
-* If you found a bug in the plugin code [submit an issue](https://github.com/auth0/wp-auth0/issues) or [create a pull
-request](https://github.com/auth0/wp-auth0/pulls) on [GitHub](https://github.com/auth0/wp-auth0/).
-* If you have questions about how to use Auth0 or the plugin, please [post on our community site](https://community
-.auth0.com/) or create a [support forum request here](https://wordpress.org/support/plugin/auth0).
-* You can also see additional documentation and answers on our [support site](https://support.auth0.com/). Customers on
-a paid Auth0 plan can submit trouble tickets for a fast response.
+* If you're setting up the plugin for the first time or having issues after an upgrade, please review the [configuration page at auth0.com/docs](https://auth0.com/docs/cms/wordpress/configuration)
+* If you found a bug in the plugin code [submit an issue](https://github.com/auth0/wp-auth0/issues) or [create a pull request](https://github.com/auth0/wp-auth0/pulls) on [GitHub](https://github.com/auth0/wp-auth0/).
+* If you have questions about how to use Auth0 or the plugin, please [post on our community site](https://community.auth0.com/) or create a [support forum request here](https://wordpress.org/support/plugin/auth0).
+* You can also see additional documentation and answers on our [support site](https://support.auth0.com/). Customers on a paid Auth0 plan can submit trouble tickets for a fast response.
 
 == Changelog ==
 
diff --git a/templates/auth0-login-form-lock10.php b/templates/auth0-login-form-lock10.php
deleted file mode 100644
index 2697d1fd..00000000
--- a/templates/auth0-login-form-lock10.php
+++ /dev/null
@@ -1,76 +0,0 @@
-<?php
-$lock_options = new WP_Auth0_Lock10_Options( $specialSettings );
-
-if ( ! $lock_options->can_show() ) {
-?>
-    <p><?php _e( 'Auth0 Integration has not yet been set up! Please visit your Wordpress Auth0 settings and fill in the required settings.', 'wp-auth0' ); ?></p>
-<?php
-  return;
-}
-
-if ( isset( $_GET['action'] ) && $_GET['action'] == 'register' ) {
-  $lock_options->set_signup_mode( true );
-}
-
-$extra_css = '';
-$extra_css .= trim( apply_filters( 'auth0_login_css', '' ) );
-$extra_css .= trim( $lock_options->get_custom_css() );
-
-$options = $lock_options->get_lock_options();
-?>
-
-<div id="form-signin-wrapper" class="auth0-login">
-    <?php include 'error-msg.php'; ?>
-    <div class="form-signin">
-
-        <?php if ( $lock_options->show_as_modal() ) { ?>
-            <button id="a0LoginButton" ><?php echo $lock_options->modal_button_name(); ?></button>
-        <?php } else { ?>
-            <div id="auth0-login-form"></div>
-        <?php } ?>
-        <?php if ( $lock_options->get_wordpress_login_enabled() && $canShowLegacyLogin ) { ?>
-            <div id="extra-options">
-                <a href="?wle">Login with WordPress username</a>
-            </div>
-        <?php } ?>
-
-    </div>
-</div>
-<?php if ( !empty( $extra_css ) ) { ?>
-    <style type="text/css">
-        <?php echo $extra_css; ?>
-    </style>
-<?php } ?>
-<script type="text/javascript">
-var ignore_sso = false;
-
-document.cookie = '<?php
-  echo WPA0_STATE_COOKIE_NAME ?>=<?php
-  echo $options['auth']['params']['state'] ?>;max-age=<?php
-  echo WP_Auth0_Nonce_Handler::COOKIE_EXPIRES ?>;path=/';
-
-
-document.addEventListener("DOMContentLoaded", function() {
-
-    var options = {};
-    options = <?php echo json_encode( $options ); ?>;
-    options.additionalSignUpFields = <?php echo $lock_options->get_custom_signup_fields(); ?>;
-
-    if (!ignore_sso) {
-      var lock = new Auth0Lock(
-          '<?php echo $lock_options->get_client_id(); ?>',
-          '<?php echo $lock_options->get_domain(); ?>',
-          options
-      );
-
-      <?php echo $lock_options->get_custom_js(); ?>
-
-      <?php if ( ! $lock_options->show_as_modal() ) { ?>
-        lock.show();
-      <?php } else { ?>
-          jQuery('#a0LoginButton').click(lock.show);
-      <?php } ?>
-    }
-
-});
-</script>
diff --git a/templates/auth0-login-form-pwl.php b/templates/auth0-login-form-pwl.php
deleted file mode 100644
index d2f6ae3d..00000000
--- a/templates/auth0-login-form-pwl.php
+++ /dev/null
@@ -1,39 +0,0 @@
-<?php
-$auth0_options = WP_Auth0_Options::Instance();
-?>
-
-<div id="form-signin-wrapper" class="auth0-login" data-auth0-opts="<?php echo esc_attr( json_encode( $specialSettings ) ) ?>">
-    <?php include 'error-msg.php'; ?>
-    <div class="form-signin">
-        <div id="auth0-login-form"></div>
-        <?php if ( ! empty( $specialSettings['show_as_modal'] ) ) : ?>
-            <button id="a0LoginButton" ><?php
-              echo ! empty ( $specialSettings['modal_trigger_name'] )
-                ? sanitize_text_field($specialSettings['modal_trigger_name'] )
-                : __( 'Login', 'wp-auth0' )
-              ?></button>
-        <?php endif; ?>
-
-        <?php if ( $auth0_options->get( 'wordpress_login_enabled' ) && function_exists( 'login_header' ) ) { ?>
-            <div id="extra-options">
-                <a href="<?php echo wp_login_url() ?>?wle">
-                  <?php _e( 'Login with WordPress username', 'wp-auth0' ) ?>
-                </a>
-            </div>
-        <?php } ?>
-
-    </div>
-</div>
-
-<style type="text/css">
-    <?php echo apply_filters( 'auth0_login_css', '' ); ?>
-    <?php echo $auth0_options->get( 'custom_css' ); ?>
-</style>
-
-<?php if ( $custom_js = $auth0_options->get( 'custom_js' ) ) : ?>
-<script type="text/javascript">
-document.addEventListener("DOMContentLoaded", function() {
-    <?php echo $custom_js; ?>
-});
-</script>
-<?php endif; ?>
\ No newline at end of file
diff --git a/templates/auth0-login-form.php b/templates/auth0-login-form.php
new file mode 100644
index 00000000..397039ed
--- /dev/null
+++ b/templates/auth0-login-form.php
@@ -0,0 +1,27 @@
+<?php
+$auth0_options = WP_Auth0_Options::Instance();
+$wle = (bool) $auth0_options->get( 'wordpress_login_enabled', true );
+?>
+    <div id="form-signin-wrapper" class="auth0-login">
+        <div class="form-signin">
+            <div id="<?php echo esc_attr( WPA0_AUTH0_LOGIN_FORM_ID ) ?>"></div>
+          <?php if ( $wle && function_exists( 'login_header' ) ) : ?>
+              <div id="extra-options">
+                  <a href="<?php echo wp_login_url() ?>?wle">
+                    <?php _e( 'Login with WordPress username', 'wp-auth0' ) ?>
+                  </a>
+              </div>
+          <?php endif ?>
+        </div>
+    </div>
+
+    <style type="text/css">
+        <?php echo apply_filters( 'auth0_login_css', '' ) ?>
+        <?php echo $auth0_options->get( 'custom_css' ) ?>
+    </style>
+
+<?php if ( $custom_js = $auth0_options->get( 'custom_js' ) ) : ?>
+    <script type="text/javascript">
+        document.addEventListener('DOMContentLoaded', function() { <?php echo $custom_js ?> });
+    </script>
+<?php endif ?>
\ No newline at end of file
diff --git a/templates/error-msg.php b/templates/error-msg.php
deleted file mode 100644
index 4967506d..00000000
--- a/templates/error-msg.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<?php if ( isset( $_GET['message'] ) ): ?>
-    <?php $status = intval( $_GET['message'] ); ?>
-    <?php if ( $status == 1 ): ?>
-        <div class="alert alert-success">
-            <button type="button" class="close" data-dismiss="alert">&times;</button>
-            <?php _e( '<strong>Email sent:</strong> In a minute or two, you should get an email with the password reset link.', LP_THEME_LANG ); ?>
-        </div>
-    <?php elseif ( $status == 2 ): ?>
-        <div class="alert alert-success">
-            <button type="button" class="close" data-dismiss="alert">&times;</button>
-            <?php _e( '<strong>Congratulations:</strong> Your password has been changed and you can now log in below.', LP_THEME_LANG ); ?>
-        </div>
-    <?php elseif ( $status == 3 ): ?>
-        <div class="alert alert-success">
-            <button type="button" class="close" data-dismiss="alert">&times;</button>
-            <?php _e( '<strong>Account created:</strong> Your password has been sent to your email address.', LP_THEME_LANG ); ?>
-        </div>
-    <?php elseif ( $status == 4 ): ?>
-        <div class="alert alert-info">
-            <button type="button" class="close" data-dismiss="alert">&times;</button>
-            <?php _e( '<strong>Account created:</strong> Your account is awaiting activation. Once an administrator has activated your account, a password will be emailed to you.', LP_THEME_LANG ); ?>
-        </div>
-    <?php elseif ( $status == 5 ): ?>
-        <div class="alert alert-error">
-            <button type="button" class="close" data-dismiss="alert">&times;</button>
-            <?php _e( '<strong>Not activated:</strong> Your account is awaiting activation.', LP_THEME_LANG ); ?>
-        </div>
-    <?php elseif ( $status == 6 ): ?>
-        <div class="alert alert-error">
-            <button type="button" class="close" data-dismiss="alert">&times;</button>
-            <?php _e( '<strong>Error:</strong> Invalid e-mail or password.', LP_THEME_LANG ); ?>
-        </div>
-    <?php endif; ?>
-<?php endif; ?>
diff --git a/templates/login-form.php b/templates/login-form.php
index 877e1043..a22df7d2 100755
--- a/templates/login-form.php
+++ b/templates/login-form.php
@@ -1,40 +1,45 @@
 <?php
 function renderAuth0Form( $canShowLegacyLogin = true, $specialSettings = array() ) {
-	if ( is_user_logged_in() )
-		return;
+  if ( is_user_logged_in() ) {
+    return;
+  }
 
-	if ( !$canShowLegacyLogin || !isset( $_GET['wle'] ) ) {
+  if ( ! $canShowLegacyLogin || ! isset( $_GET['wle'] ) ) {
     $options = WP_Auth0_Options::Instance();
+    $lock_options = new WP_Auth0_Lock10_Options( $specialSettings );
+    $use_passwordless = $options->get('passwordless_enabled', FALSE );
+    $lock_cdn_url = $options->get( $use_passwordless ? 'passwordless_cdn_url' : 'cdn_url' );
 
-    if ( ! $options->get('passwordless_enabled', FALSE) ) {
-      wp_enqueue_script( 'wpa0_lock', $options->get('cdn_url'), array( 'jquery' ), FALSE );
-      require_once 'auth0-login-form-lock10.php';
-    } else {
-      $lock_options = new WP_Auth0_Lock10_Options( $specialSettings );
+    wp_enqueue_script( 'wpa0_lock', $lock_cdn_url, array( 'jquery' ), FALSE, TRUE );
+    wp_enqueue_script( 'js-cookie', WPA0_PLUGIN_LIB_URL . 'js.cookie.min.js', FALSE, '2.2.0', TRUE );
+    wp_enqueue_script( 'wpa0_lock_init', WPA0_PLUGIN_JS_URL . 'lock-init.js', array( 'jquery' ), WPA0_VERSION, TRUE );
+    wp_localize_script(
+      'wpa0_lock_init',
+      'wpAuth0LockGlobal',
+      array(
+        'settings' => $lock_options->get_lock_options(),
+        'ready' => WP_Auth0::ready(),
+        'domain' => $options->get( 'domain' ),
+        'clientId' => $options->get( 'client_id' ),
+        'stateCookieName' => WPA0_STATE_COOKIE_NAME,
+        'usePasswordless' => $use_passwordless,
+        'loginFormId' => WPA0_AUTH0_LOGIN_FORM_ID,
+        'showAsModal' => ! empty( $specialSettings['show_as_modal'] ),
+        'i18n' => array(
+          'notReadyText' => __( 'Auth0 is not configured', 'wp-auth0' ),
+          'cannotFindNodeText' => __( 'Auth0 cannot find node with id ', 'wp-auth0' ),
+          'modalButtonText' => ! empty ( $specialSettings['modal_trigger_name'] )
+            ? sanitize_text_field( $specialSettings['modal_trigger_name'] )
+            : __( 'Login', 'wp-auth0' ),
+        ),
+      )
+    );
 
-      // This is output in the footer so it can run after wp_head
-      wp_enqueue_script( 'wpa0_lock', $options->get('passwordless_cdn_url'), array( 'jquery' ), FALSE );
-      wp_enqueue_script( 'auth0-pwl', WPA0_PLUGIN_JS_URL . 'login-pwl.js', array( 'jquery' ), WPA0_VERSION, TRUE );
+    $login_tpl = apply_filters( 'auth0_login_form_tpl', 'auth0-login-form.php', $lock_options, $canShowLegacyLogin );
+    require $login_tpl;
 
-      // Set required global var
-      wp_localize_script(
-        'auth0-pwl',
-        'wpAuth0PwlGlobal',
-        array(
-          'i18n' => array(),
-          'lock' => array(
-            'options' => $lock_options->get_lock_options(),
-            'ready' => WP_Auth0::ready(),
-            'domain' => $options->get( 'domain' ),
-            'clientId' => $options->get( 'client_id' ),
-          ),
-        )
-      );
-
-      require_once 'auth0-login-form-pwl.php';
-    }
-	} else {
-		add_action( 'login_footer', array( 'WP_Auth0', 'render_back_to_auth0' ) );
-		add_action( 'woocommerce_after_customer_login_form', array( 'WP_Auth0', 'render_back_to_auth0' ) );
-	}
+  } else {
+    add_action( 'login_footer', array( 'WP_Auth0', 'render_back_to_auth0' ) );
+    add_action( 'woocommerce_after_customer_login_form', array( 'WP_Auth0', 'render_back_to_auth0' ) );
+  }
 }
\ No newline at end of file