search

WP-API / Basic-Auth

Basic Authentication handler for the JSON API, used for development and debugging purposes
772 stars 286 forks source link

Multisite Recursion Problem #9

Open lucasstark opened 10 years ago

lucasstark commented 10 years ago

There is a problem with recursion when using multisite. The json_basic_auth_handler calls wp_authenticate, which eventually calls the function is_user_spammy, which calls get_currentuserinfo, which fires off the determine_current_user filter again.

To resolve this i've removed the filter and re-added as such:

remove_filter( 'authenticate', 'wp_authenticate_spam_check', 99 );
$user = wp_authenticate( $username, $password );
add_filter( 'authenticate', 'wp_authenticate_spam_check', 99 );
chrisvanpatten commented 10 years ago

I reported this separately at WP-API issue #508.

The fix above works perfectly. There should probably be some kind of check to make sure the filter is only removed on multisite, but it gets the job done as a quick hack!