All geek questions in one place

WP rest api jwt auth

I would like to use WP REST auth API with this plugin: https://github.com/Tmeister/wp-api-jwt-auth

I get a token with this req in POST: http: // localhost / wp_rest / wp-json / jwt-auth / v1 / token

But I can’t make a request for the mehod post: local / wp_rest / sor-json / cp / v2 / messages

I get 403 error message:

{ "code": "rest_forbidden" "message": "You don't have permission to do this." "data": { "status": 403 } }

In my header, I have the following:

 Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3RcL3dwX3Jlc3QiLCJpYXQiOjE0NTAzNDEwMTgsIm5iZiI6MTQ1MDM0MTAxOCwiZXhwIjoxNDUwOTQ1ODE4LCJkYXRhIjp7InVzZXIiOnsiaWQiOiIxIn19fQ.rGNPsU4EocClWLYWaSDs1hDJMODszg-eKfqnKSEsiw0

I try with localhost / wp_rest / wp-json / jwt-auth / v1 / token / validate but I get this error:

 { "code": "jwt_auth_no_auth_header", "message": "Authorization header not found.", "data": { "status": 403 } }

Any idea?

+5
source share
4 answers

It looks like you did not include the authorization headers in your request. You need to add 'Authorization': 'Bearer PLACE_TOKEN_HERE' to the request headers.

As an example:

 var req = { method: 'POST', url: window.location.href + 'wp-json/wp/v2/posts', headers: { 'Authorization': 'Bearer ' + TOKEN_GOES_HERE } data: DATA TO PASS GOES HERE } $http(req);
+4
source

If the answer provided by Leo Gono and Tunaki still does not solve your problem, be sure to add the following code to .htaccess .:

 RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]

Be sure to place these lines before the last line with "[L]" in your .htaccess, otherwise it will not be processed.

It is possible that the authorization header is discarded by the frame settings server. (I had to change htaccess for Laravel)

+4
source

I encountered similar problems when configuring the same plugin, so I created a video that describes in detail the process that I performed to quickly launch the test environment, install the plugin, make the necessary settings for the plugin to work, and then test its functionality.

Here it is: https://youtu.be/Mp7T7x1oxDk

0
source

I had exactly the same problem. My solution was simple.

Using the tool (in my case the postman ( https://www.getpostman.com )), I chose to add the authentication header (forcing the header) manually. You might want to install it manually when using the code in the HTTP Header section (and not as a paramater, just in case :)).

Checked to enable authentication header

Regards, Reinhard

0
source

Source: https://habr.com/ru/post/1238579/

More articles:


All Articles