feat: session persistence, brute-force lockout, Thumbnails social preview tab

- Fix sessions expiring on browser close: force persistent auth cookie when
  a custom session duration is configured (was writing a session cookie with
  expire=0 regardless of the server-side TTL setting)
- Add brute-force account lockout: configurable failed-attempt threshold
  (default 5) and lockout period (default 5 min), per-username tracking via
  transients, admin UI panel in Login Security tab
- Add Thumbnails tab: 9-point social preview URL checker, recent-posts auto-
  scan, Cloudflare WAF setup guide + crawler UA test + cache purge, media
  library auditor with one-click JPEG/PNG recompress for >300 KB images

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: Andrew Baker

assets/cs-login.js

@@ -1,6 +1,7 @@
 /* ===========================================================
-   CloudScale Code Block — Login Security admin JS  v1.9.0
+   CloudScale Code Block — Login Security admin JS  v1.9.5
    Handles: Hide Login save, 2FA site settings save,
+            session duration, brute-force protection,
             TOTP setup wizard, email 2FA enable/disable.
    =========================================================== */
 ( function () {
@@ -48,6 +49,9 @@
             method:           document.querySelector( 'input[name="cs_devtools_2fa_method"]:checked' )?.value || 'off',
             force_admins:     document.getElementById( 'cs-2fa-force' )?.checked ? '1' : '0',
             session_duration: document.getElementById( 'cs-session-duration' )?.value || 'default',
+            bf_enabled:       document.getElementById( 'cs-bf-enabled' )?.checked ? '1' : '0',
+            bf_attempts:      document.getElementById( 'cs-bf-attempts' )?.value || '5',
+            bf_lockout:       document.getElementById( 'cs-bf-lockout' )?.value || '5',
         };
     }
 
@@ -97,6 +101,35 @@
         } );
     }
 
+    const bfSaveBtn  = document.getElementById( 'cs-bf-save' );
+    const bfSaved    = document.getElementById( 'cs-bf-saved' );
+    const bfEnabled  = document.getElementById( 'cs-bf-enabled' );
+    const bfOptions  = document.getElementById( 'cs-bf-options' );
+
+    // Toggle numeric fields based on the enable checkbox.
+    if ( bfEnabled && bfOptions ) {
+        const syncBfOptions = () => { bfOptions.style.opacity = bfEnabled.checked ? '' : '0.4'; };
+        syncBfOptions();
+        bfEnabled.addEventListener( 'change', syncBfOptions );
+    }
+
+    if ( bfSaveBtn ) {
+        bfSaveBtn.addEventListener( 'click', () => {
+            bfSaveBtn.disabled = true;
+            post( 'cs_devtools_login_save', collectLoginPayload() ).then( res => {
+                bfSaveBtn.disabled = false;
+                if ( res.success ) {
+                    flash( bfSaved, true );
+                } else {
+                    alert( res.data || 'Save failed.' );
+                }
+            } ).catch( () => {
+                bfSaveBtn.disabled = false;
+                alert( 'Save failed. Check your connection.' );
+            } );
+        } );
+    }
+
     if ( twoFaSaveBtn ) {
         twoFaSaveBtn.addEventListener( 'click', () => {
             twoFaSaveBtn.disabled = true;

assets/cs-thumbnails.js

@@ -32,7 +32,7 @@
             "default": ""
         }
     },
-    "textdomain": "cs-code-block",
+    "textdomain": "cloudscale-devtools",
     "editorStyle": "cs-code-block-editor",
     "style": "cs-code-block-frontend",
     "viewScript": "cs-code-block-frontend"

blocks/code/block.json

@@ -224,23 +224,23 @@
 
             return el( Fragment, {},
                 el( InspectorControls, {},
-                    el( PanelBody, { title: __( 'Code Settings', 'cs-code-block' ), initialOpen: true },
+                    el( PanelBody, { title: __( 'Code Settings', 'cloudscale-devtools' ), initialOpen: true },
                         el( SelectControl, {
-                            label: __( 'Language', 'cs-code-block' ),
-                            help: __( 'Leave on Auto Detect to let highlight.js guess the language.', 'cs-code-block' ),
+                            label: __( 'Language', 'cloudscale-devtools' ),
+                            help: __( 'Leave on Auto Detect to let highlight.js guess the language.', 'cloudscale-devtools' ),
                             value: attributes.language,
                             options: languageOptions,
                             onChange: function( val ) { props.setAttributes( { language: val } ); }
                         } ),
                         el( TextControl, {
-                            label: __( 'Title', 'cs-code-block' ),
-                            help: __( 'Optional label shown above the code (e.g. filename).', 'cs-code-block' ),
+                            label: __( 'Title', 'cloudscale-devtools' ),
+                            help: __( 'Optional label shown above the code (e.g. filename).', 'cloudscale-devtools' ),
                             value: attributes.title,
                             onChange: function( val ) { props.setAttributes( { title: val } ); }
                         } ),
                         el( SelectControl, {
-                            label: __( 'Dark / Light Mode', 'cs-code-block' ),
-                            help: __( 'Override for this block. The color theme is set site wide in Tools > CloudScale Code and SQL.', 'cs-code-block' ),
+                            label: __( 'Dark / Light Mode', 'cloudscale-devtools' ),
+                            help: __( 'Override for this block. The color theme is set site wide in Tools > CloudScale Code and SQL.', 'cloudscale-devtools' ),
                             value: attributes.theme,
                             options: themeOptions,
                             onChange: function( val ) { props.setAttributes( { theme: val } ); }
@@ -266,19 +266,19 @@
                             el( 'button', {
                                 className: 'cs-code-editor-btn cs-code-editor-btn-copy',
                                 type: 'button',
-                                title: __( 'Copy code to clipboard', 'cs-code-block' ),
+                                title: __( 'Copy code to clipboard', 'cloudscale-devtools' ),
                                 onClick: onCopyCode
                             }, getCopyLabel ),
                             el( 'button', {
                                 className: 'cs-code-editor-btn cs-code-editor-btn-paste',
                                 type: 'button',
-                                title: __( 'Paste clipboard content', 'cs-code-block' ),
+                                title: __( 'Paste clipboard content', 'cloudscale-devtools' ),
                                 onClick: onPasteCode
                             }, 'Paste' ),
                             el( 'button', {
                                 className: 'cs-code-editor-btn cs-code-editor-btn-clear',
                                 type: 'button',
-                                title: __( 'Clear all code', 'cs-code-block' ),
+                                title: __( 'Clear all code', 'cloudscale-devtools' ),
                                 onClick: onClearCode
                             }, 'Clear' )
                         )
@@ -289,7 +289,7 @@
                         onChange: onChangeCode,
                         onKeyDown: onKeyDown,
                         onPaste: onPasteCode,
-                        placeholder: __( 'Paste or type your code here...', 'cs-code-block' ),
+                        placeholder: __( 'Paste or type your code here...', 'cloudscale-devtools' ),
                         rows: Math.max( 8, ( ( attributes.content || '' ).split( '\n' ).length || 1 ) + 2 ),
                         spellCheck: false,
                         autoComplete: 'off',