search

Tmeister / wp-api-jwt-auth

A simple plugin to add JSON Web Token (JWT) Authentication to WP REST API
GNU General Public License v2.0
560 stars 161 forks source link

403 bad config error #298

Open Imdamandude94 opened 9 months ago

Imdamandude94 commented 9 months ago

Issue Name

Prerequisites

Please answer the following questions for yourself before submitting an issue.

Context

I have setup my .htaccess and wp-config as instructed in the documentation but when i run my POST https://hummrah.com/wp-json/jwt-auth/v1/token, i get the error "JWT is not configured properly, please contact the admin". This is my .htaccess:

RewriteEngine On RewriteRule ^(.*)$ - [E=HTTP_AUTHORIZATION:%1] RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteBase /~hummrahc/ RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /~hummrahc/index.php [L]

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

Expected Behavior

Token received and a 200 status

Current Behavior

Bad config error

Please provide detailed steps for reproducing the issue.

  1. Step 1 - Update my .htaccess to include: RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.) RewriteRule ^(.) - [E=HTTP_AUTHORIZATION:%1] and SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
  2. Step 2 - Update my wp-config to include: define('JWT_AUTH_SECRET_KEY', 'your-top-secret-key'); and define('JWT_AUTH_CORS_ENABLE', true);
  3. Step 3 - I run https://hummrah.com/wp-json/jwt-auth/v1/token on Postman

Failure Logs

{ "code": "jwt_auth_bad_config", "message": "JWT is not configured properly, please contact the admin", "data": { "status": 403 } }

MarleVVLL commented 1 month ago

I am experiencing the same issue. I hope a response is forthcoming.

MarleVVLL commented 1 month ago

Fixed the issue.

You must define your secret key above this PHP line:

/* Sets up WordPress vars and included files. / require_once(ABSPATH . 'wp-settings.php');