search

usefulteam / jwt-auth

WordPress JSON Web Token Authentication
https://wordpress.org/plugins/jwt-auth/
122 stars 48 forks source link

Conflict with Elementor #22

Open cedricDevWP opened 3 years ago

cedricDevWP commented 3 years ago

Hi,

there has a problem with your plugin and Elementor when i active JWT, i can’t preselect color from global in builder of Elementor.

Can you correct this ? or have you an idea to solve this problem ?

Cédric

contactjavas commented 3 years ago

Hi, you might need to whitelist Elementor's endpoints / namespace.

You can search for "whitelisting" in the documentation.

On Tue, Jan 5, 2021, 22:14 Cédric Chevillard notifications@github.com wrote:

Hi,

there has a problem with your plugin and Elementor when i active JWT, i can’t preselect color from global in builder of Elementor.

Can you correct this ? or have you an idea to solve this problem ?

Cédric

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/usefulteam/jwt-auth/issues/22, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGFDFTDXAQ56YZJF452CP2DSYMUD7ANCNFSM4VVLHLYQ .

cedricDevWP commented 3 years ago

Yes i tried this : 

function jwt_whitelist( $endpoints ) {

   $rest_api_slug = home_url( '/wp-json/', 'relative' );
   return array(
        $rest_api_slug.'elementor/*',
   );
}
add_filter( 'jwt_auth_whitelist', 'jwt_whitelist', 10, 1);

But not working and I think we don't even fit into the function (I tried to save logs but nothing)

cedricDevWP commented 3 years ago

In elementor : Capture d’écran 2021-01-05 à 17 11 21

dominic-ks commented 3 years ago

@cedricDevWP you should just be adding the relative path for the route into the whitelist, and I also recommend you add this to the array in the filter otherwise you will be overwriting the defaults, so like this:

function jwt_whitelist( $endpoints ) {

   $endpoints[] = '/wp-json/relative/elementor/'; //or whatever your path is
   return $endpoints;

}
add_filter( 'jwt_auth_whitelist', 'jwt_whitelist', 10, 1);
cedricDevWP commented 3 years ago

@dominic-ks did it work for you?

dominic-ks commented 3 years ago

@cedricDevWP I haven't tried it in your specific case with Elementor but that is the approach I use for whitelisting endpoints from other plugins and endpoints that I have written myself.

cedricDevWP commented 3 years ago

i tried but without success :/ ...

It's possible to authorize all route and restrict specific route ?

dominic-ks commented 3 years ago

@cedricDevWP Well my guess is that you've not got the right REST routes that Elementor is using. You should be able to see the requests that are failing by inspecting the network tab in your browser console.

I don't believe there is a method in this plugin to work this the other way round, it's potentially possible to get a list of all registered routes and then add them all to the whitelist but after a quick search I can't see a function for that.

SepiaGroup commented 2 years ago

This is really a big issue with Elementor. I cannot get the editor to even show up.

The reason for this is that the Elementor api is not whitelisted. However there is an issue with using the filter. I added the following in my functions.php

function jwt_whitelist( ) {

   return array( '/wp-json/elementor/', '/wp-json/jetpack/' );

}

add_filter( 'jwt_auth_whitelist', 'jwt_whitelist', 10, 1);

for some reason this is never called.

To resolve this issue I added the routes in class-auth.php directly. This is really not ideal.

Can someone let me know why this filter is not being called?

pesseba commented 2 years ago

The array_push() do not return the new array and the hook uses 1 parameter. You must to do something like this:

function jwt_whitelist( $endpoints) {
   array_push($endpoints,'/wp-json/jetpack/*');
   array_push($endpoints,'/wp-json/elementor/*');
   return $endpoints;   
}
add_filter( 'jwt_auth_whitelist', 'jwt_whitelist', 10, 1);

Check if the endpoints is right and has * at the end;

gra-mir commented 2 years ago

Hi, I have the same issue, conflict with Elementor - Elementor Editor not loading.

The filters jwt_auth_whitelist and jwt_auth_default_whitelist do not seem to be called. If I add $rest_api_slug . '/elementor/' to the whitelist array in class-auth.php directly, it works.

My guess is that it could be a timing issue according to this: https://stackoverflow.com/questions/19277932/wordpress-filter-not-being-added.

Maybe you could add the endpoint wp-json/elementor to the default whitelist?

Thanks

ciriousjoker commented 2 years ago

@gra-mir and I ended up using a filter like this:

add_filter( 'jwt_auth_whitelist', function ( $endpoints ) {
  $your_endpoints = array(
      // Without this, Elementor will not load properly.
      // Without the /v1, attenpting to edit a page will log you out.
      '/wp-json/elementor/v1/*',
  );
  return array_unique( array_merge( $endpoints, $your_endpoints ) );
});

Keep in mind that this filter only works when put inside its own custom mini-plugin.

gra-mir commented 2 years ago

@CiriousJoker Thanks for the update.

FawadNL commented 2 years ago

@ciriousjoker thank you. That fixed the issue for me for Elementor and some other plugins.