JWT Authentication for WP REST API - Version 1.2.3

Version Description

  • Fix Max recursion error in WordPress 4.7 #44
Download this release

Release Info

Developer Tmeister
Plugin Icon JWT Authentication for WP REST API
Version 1.2.3
Comparing to
See all releases

Code changes from version 1.2.2 to 1.2.3

Files changed (3) hide show
  1. jwt-auth.php +1 -1
  2. public/class-jwt-auth-public.php +14 -1
  3. readme.txt +6 -3
jwt-auth.php CHANGED
@@ -15,7 +15,7 @@
15
  * Plugin Name: JWT Authentication for WP-API
16
  * Plugin URI: https://enriquechavez.co
17
  * Description: Extends the WP REST API using JSON Web Tokens Authentication as an authentication method.
18
- * Version: 1.2.2
19
  * Author: Enrique Chavez
20
  * Author URI: https://enriquechavez.co
21
  * License: GPL-2.0+
15
  * Plugin Name: JWT Authentication for WP-API
16
  * Plugin URI: https://enriquechavez.co
17
  * Description: Extends the WP REST API using JSON Web Tokens Authentication as an authentication method.
18
+ * Version: 1.2.3
19
  * Author: Enrique Chavez
20
  * Author URI: https://enriquechavez.co
21
  * License: GPL-2.0+
public/class-jwt-auth-public.php CHANGED
@@ -175,6 +175,19 @@ class Jwt_Auth_Public
175
  */
176
  public function determine_current_user($user)
177
  {
 
 
 
 
 
 
 
 
 
 
 
 
 
178
  /*
179
  * if the request URI is for validate the token don't do anything,
180
  * this avoid double calls to the validate_token function.
@@ -220,7 +233,7 @@ class Jwt_Auth_Public
220
  if (!$auth) {
221
  $auth = isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) ? $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] : false;
222
  }
223
-
224
  if (!$auth) {
225
  return new WP_Error(
226
  'jwt_auth_no_auth_header',
175
  */
176
  public function determine_current_user($user)
177
  {
178
+ /**
179
+ * This hook only should run on the REST API requests to determine
180
+ * if the user in the Token (if any) is valid, for any other
181
+ * normal call ex. wp-admin/.* return the user.
182
+ *
183
+ * @since 1.2.3
184
+ **/
185
+ $rest_api_slug = rest_get_url_prefix();
186
+ $valid_api_uri = strpos($_SERVER['REQUEST_URI'], $rest_api_slug);
187
+ if(!$valid_api_uri){
188
+ return $user;
189
+ }
190
+
191
  /*
192
  * if the request URI is for validate the token don't do anything,
193
  * this avoid double calls to the validate_token function.
233
  if (!$auth) {
234
  $auth = isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) ? $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] : false;
235
  }
236
+
237
  if (!$auth) {
238
  return new WP_Error(
239
  'jwt_auth_no_auth_header',
readme.txt CHANGED
@@ -4,8 +4,8 @@ Contributors: tmeister
4
  Donate link: https://enriquechavez.co
5
  Tags: wp-json, jwt, json web authentication, wp-api
6
  Requires at least: 4.2
7
- Tested up to: 4.6.1
8
- Stable tag: 1.2.2
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
@@ -340,7 +340,10 @@ $data = array(
340
  ###Please read how to configured the plugin https://wordpress.org/plugins/jwt-authentication-for-wp-rest-api/
341
 
342
  == Changelog ==
343
- = 1.2.1 =
 
 
 
344
  * Add an extra validation to get the Authorization header
345
  * Increase determine_current_user priority Fix #13
346
  * Add the user object as parameter in the jwt_auth_token_before_sign hook
4
  Donate link: https://enriquechavez.co
5
  Tags: wp-json, jwt, json web authentication, wp-api
6
  Requires at least: 4.2
7
+ Tested up to: 4.7
8
+ Stable tag: 1.2.3
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
340
  ###Please read how to configured the plugin https://wordpress.org/plugins/jwt-authentication-for-wp-rest-api/
341
 
342
  == Changelog ==
343
+ = 1.2.3 =
344
+ * Fix Max recursion error in WordPress 4.7 #44
345
+
346
+ = 1.2.2 =
347
  * Add an extra validation to get the Authorization header
348
  * Increase determine_current_user priority Fix #13
349
  * Add the user object as parameter in the jwt_auth_token_before_sign hook