search

Tmeister / wp-api-jwt-auth

A simple plugin to add JSON Web Token (JWT) Authentication to WP REST API
GNU General Public License v2.0
560 stars 161 forks source link

Slash password before authenticating #177

Closed andreasschmidtjensen closed 1 year ago

andreasschmidtjensen commented 5 years ago

Fixes erroneous 403 response when a password contains a single quote.

When attempting to authenticate with a (correct) password containing quotes, the API returns "403 Forbidden": { "code": "[jwt_auth] incorrect_password", "message": "...", "data": { "status": 403 } }

Using wp_slash (https://developer.wordpress.org/reference/functions/wp_slash/) to make sure the password is handled correctly.