search

Tmeister / wp-api-jwt-auth

A simple plugin to add JSON Web Token (JWT) Authentication to WP REST API
GNU General Public License v2.0
556 stars 160 forks source link

Passwords with special character fail #295

Open dustbro opened 9 months ago

dustbro commented 9 months ago

Passwords with special character fail login

Context

I’m using JWT to authenticate users from my app, and everything works as expected…. except if the password contains a “ in it. Having a quote in the password returns an error saying the username or password is incorrect.

Is there anything that can fix this other than having the user change their password?

Expected Behavior

The same password that a user has on my wordpress site should work for JWT authentication.

Current Behavior

Having a quote in the password returns an error saying the username or password is incorrect.

RpGmAx commented 7 months ago

Hi,

Problem fixed with addslashs fx.

$user = wp_authenticate( $username, addslashes($password) ); on line 139 in file class-jwt-auth-public.php

Fix required from author side ;)

dustbro commented 5 months ago

@Tmeister would you be able to add this fix to the next update?