cyga
commented
7 years ago +1.
After number of logins and start to return same error as above. It goes away after some time (after 3 days for sure).
It works if I comment check code:
cyga@cyga-laptop:~/dev/wordpress/OAuth1$ git diff
diff --git a/lib/class-wp-rest-oauth1.php b/lib/class-wp-rest-oauth1.php
index 268001f..ceb6a6f 100644
--- a/lib/class-wp-rest-oauth1.php
+++ b/lib/class-wp-rest-oauth1.php
@@ -779,8 +779,10 @@ class WP_REST_OAuth1 {
if ( empty( $used_nonces ) )
$used_nonces = array();
- if ( in_array( $nonce, $used_nonces ) )
- return new WP_Error( 'json_oauth1_nonce_already_used', __( 'Invalid nonce - nonce has already been used', 'rest_oauth1' ), array( 'status' => 401 ) );
+ // gives permanent error for WP API call to /users/me after login
+ // appears after 2nd-3rd login. untill some time will pass
+ //if ( in_array( $nonce, $used_nonces ) )
+ // return new WP_Error( 'json_oauth1_nonce_already_used', __( 'Invalid nonce - nonce has already been used', 'rest_oauth1' ), array( 'status' => 401 ) );
$used_nonces[ $timestamp ] = $nonce;
So, the questions are:
- Why is it supposed so? Am I doing smth wrong?
- How is nonce auto-changed after one call to API? If it's changed at all.
For some reason this one endpoint stopped working after updating. Here is the response I get.
[ { "code": "json_oauth1_nonce_already_used", "message": "Invalid nonce - nonce has already been used" } ]
Any clues would be greatly appriciated.