Support » Plugin: Disable WP REST API » jwt authentication

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Jeff Starr

    (@specialk)

    I’m not sure, haven’t tested it to be honest.

    dottodot

    (@dottodot)

    I realised it won’t as you’d need to whitelist the urls for that plugin i.e

    /wp-json/jwt-auth/v1/token
    /wp-json/jwt-auth/v1/token/validate

    when would mean you having to add a whitelist option. Anyway your plugin is nice and simple so I’ve just adapted it for my needs.

    Plugin Author Jeff Starr

    (@specialk)

    Glad you got it sorted dottodot.

    i have the that problem, how do i allow to request to /wp-json/jwt-auth/v1/token? .-.

    I just copied the function used in this plugin and adapted it to accept request to those endpoint i.e

    function disable_wp_rest_api($access) {
    
    	if (!is_user_logged_in() && $_SERVER['REQUEST_URI'] !== "/wp-json/jwt-auth/v1/token" && $_SERVER['REQUEST_URI'] !== "/wp-json/jwt-auth/v1/token/validate") {
    
    		$message = apply_filters('disable_wp_rest_api_error', __('REST API restricted to authenticated users.', 'disable-wp-rest-api'));
    
    		return new WP_Error('rest_login_required', $message, array('status' => rest_authorization_required_code()));
    
    	}
    
    	return $access;
    
    }
    add_filter('rest_authentication_errors', 'disable_wp_rest_api');
Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘jwt authentication’ is closed to new replies.