Wordpress JWT Authetication Plugin
-
Due to the fact that the wordpress App is running on ngnix, i cant get the JWT Auth plugin to work even after i edited the .htaccess and added following
rewriteCond %{HTTP:Authorization} ^(.)
RewriteRule ^(.) - [E=HTTP_AUTHORIZATION:%1]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1I still get {"code":"rest_no_route","message":"No route was found matching the URL and request method","data":{"status":404}} when trying to access this url: websiteurl/wp-json/jwt-auth/v1/token
Is it possible to make some changes to the ngnix sites-enabled default file? Or how can i solve this issue.
thanks
-
@ketchalegend FWIW, the wordpress app runs on apache and not nginx. nginx is only the reverse proxy at the cloudron level but wordpress itself is served by apache mod-php.
-
Go to the Permalinks Settings Page and you don’t even need to change anything, just hit Save on that page. That helps with URL since it flushes rewrite rules that JWT may have made and thus the rewrite rules need to be recreated.
-
@ketchalegend said in Wordpress JWT Authetication Plugin:
RewriteRule ^(.) - [E=HTTP_AUTHORIZATION:%1]
so you mean i dont have to make any changes to the htaccess file?
-
This post is deleted! -
@girish is the HTTP Authorization Header deactivated?
-
@ketchalegend When you add the rewrite rule, be sure to add it before the [L] rule which WordPress generated. This is because [L] means last and further rules are not processed.
Can you paste your entire htaccess file?
Also, how are you testing the plugin? I can try it out but I don't know how to test it.
-
What I mean is, it has to look something like this:
# BEGIN WordPress # The directives (lines) between "BEGIN WordPress" and "END WordPress" are # dynamically generated, and should only be modified via WordPress filters. # Any changes to the directives between these markers will be overwritten. <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / # Handle Authorization Header RewriteCond %{HTTP:Authorization} . RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPressLike I said, I don't know how to test this
-
@girish Once you have installed the plugin and made the changes you have to check out this url : https://yourdomain.com/wp-json/jwt-auth/v1/token
if its correctly configured it should work. If not you get the 404 error -
@ketchalegend I see. With the above htaccess, I got
curl -X POST -H "Authorization: Bearer 1234567890" https://wp.domain.com/wp-json/jwt-auth/token {"success":false,"statusCode":403,"code":"jwt_auth_invalid_token","message":"Wrong number of segments","data":[]}So looks like the route is working.
