Closed Peakflower closed 1 year ago
I have this code to limit Api read access to non logged in user
`add_filter('rest_authentication_errors', function ($result) { if (!empty($result)) { return $result; }
if (!is_user_logged_in() && $_SERVER['REQUEST_URI'] !== "/wp-json/jwt-auth/v1/token" && $_SERVER['REQUEST_URI'] !== "/wp-json/jwt-auth/v1/token/validate") { return new WP_Error('rest_not_logged_in', 'You are not currently logged in.', array('status' => 401)); } return $result;
}); `
but how I limit read and write APi access to all user except admin or editor ?
Again, not a JWT plugin issue but you can use the get_userdata function, something like the following:
$user_meta = get_userdata($user_id); $user_roles = $user_meta->roles; // now check the user_roles.
I have this code to limit Api read access to non logged in user
`add_filter('rest_authentication_errors', function ($result) { if (!empty($result)) { return $result; }
}); `
but how I limit read and write APi access to all user except admin or editor ?