Wordpress JWT Authetication Plugin
-
Due to the fact that the wordpress App is running on ngnix, i cant get the JWT Auth plugin to work even after i edited the .htaccess and added following
rewriteCond %{HTTP:Authorization} ^(.)
RewriteRule ^(.) - [E=HTTP_AUTHORIZATION:%1]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1I still get {"code":"rest_no_route","message":"No route was found matching the URL and request method","data":{"status":404}} when trying to access this url: websiteurl/wp-json/jwt-auth/v1/token
Is it possible to make some changes to the ngnix sites-enabled default file? Or how can i solve this issue.
thanks
-
@ketchalegend FWIW, the wordpress app runs on apache and not nginx. nginx is only the reverse proxy at the cloudron level but wordpress itself is served by apache mod-php.
-
@ketchalegend said in Wordpress JWT Authetication Plugin:
RewriteRule ^(.) - [E=HTTP_AUTHORIZATION:%1]
so you mean i dont have to make any changes to the htaccess file?
-
This post is deleted!
-
@ketchalegend When you add the rewrite rule, be sure to add it before the [L] rule which WordPress generated. This is because [L] means last and further rules are not processed.
Can you paste your entire htaccess file?
Also, how are you testing the plugin? I can try it out but I don't know how to test it.
-
What I mean is, it has to look something like this:
# BEGIN WordPress # The directives (lines) between "BEGIN WordPress" and "END WordPress" are # dynamically generated, and should only be modified via WordPress filters. # Any changes to the directives between these markers will be overwritten. <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / # Handle Authorization Header RewriteCond %{HTTP:Authorization} . RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress
Like I said, I don't know how to test this
-
@girish Once you have installed the plugin and made the changes you have to check out this url : https://yourdomain.com/wp-json/jwt-auth/v1/token
if its correctly configured it should work. If not you get the 404 error -
@ketchalegend I see. With the above htaccess, I got
curl -X POST -H "Authorization: Bearer 1234567890" https://wp.domain.com/wp-json/jwt-auth/token {"success":false,"statusCode":403,"code":"jwt_auth_invalid_token","message":"Wrong number of segments","data":[]}
So looks like the route is working.