usefulteam / jwt-auth

WordPress JSON Web Token Authentication
https://wordpress.org/plugins/jwt-auth/

Not able to update images through admin login while plugin is active #28

Open ArunPrakashG opened 3 years ago

ArunPrakashG commented 3 years ago

On a WordPress site with the NewspaperX theme.

Description: Not able to update the inline content ad or add a new element to the page with the TagDiv editor while this plugin is active. Checking the Chrome console shows this info:

code: "jwt_auth_no_auth_header"
data: []
message: "Authorization header not found."
statusCode: 403
success: false

TagDiv editor is opened only after logging in at example.com/wp-admin/ by manually entering username and password.

Expected behaviour: A JWT request should not be sent, as the user is already authenticated and logged in.

Possible solutions:

If there is already a fix for this, please do let me know!

pesseba commented 3 years ago

I don't know how the NewspaperX theme works, but it is probably using internal API requests, which causes the problem. Try adding this code in a plugin or the theme's functions.php to allow any endpoint requests without authorization:

add_filter('jwt_auth_whitelist', function ( $endpoints ) {
    array_push($endpoints,'/wp-json/*');
    return $endpoints;
});

ArunPrakashG commented 3 years ago

Wouldn't it be better to handle this in the plugin itself?

pesseba commented 3 years ago

The way the plugin handles this is with a whitelist. You need to create your own whitelist with the endpoints your site uses. The plugin is customizable by filters to meet different needs. Here is a simple plugin you can activate on your site alongside jwt-auth to whitelist all endpoints: jwt-auth-whitelist-all.zip
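
An added example, not part of the thread and not the plugin's own code: the `/wp-json/*` entry above removes the plugin's Authorization-header requirement from every REST route, so this sketch uses the same `jwt_auth_whitelist` filter to exempt only the routes the site's editor calls and drops any entry that wildcards the whole REST prefix. The `example-theme/v1` namespace, the constant and the function names are hypothetical placeholders; take the real routes from the failing requests in the browser's network tab.

```php
<?php
/**
 * Plugin Name: JWT Auth scoped whitelist (added example)
 */

// Assumption: placeholder route patterns. Replace with the REST routes your
// theme or page editor actually requests while you are logged in to wp-admin.
const EXAMPLE_JWT_WHITELIST = array(
    '/wp-json/example-theme/v1/*', // hypothetical editor namespace
);

/**
 * Accept a pattern only if it names a concrete first path segment under the
 * REST prefix. "/wp-json/*" and "/wp-json/" are rejected because they would
 * exempt every endpoint from the token check.
 */
function example_jwt_pattern_is_scoped( $pattern ) {
    $prefix = '/' . rest_get_url_prefix() . '/'; // "/wp-json/" by default
    if ( ! is_string( $pattern ) || 0 !== strpos( $pattern, $prefix ) ) {
        return false;
    }
    $segments = explode( '/', substr( $pattern, strlen( $prefix ) ) );
    $first    = $segments[0];
    return '' !== $first && false === strpos( $first, '*' );
}

add_filter( 'jwt_auth_whitelist', function ( $endpoints ) {
    $scoped = array();
    foreach ( EXAMPLE_JWT_WHITELIST as $pattern ) {
        if ( example_jwt_pattern_is_scoped( $pattern ) ) {
            $scoped[] = $pattern;
        } else {
            // Make a too-broad entry visible instead of silently applying it.
            error_log( 'jwt-auth whitelist entry skipped (too broad): ' . $pattern );
        }
    }
    return array_unique( array_merge( (array) $endpoints, $scoped ) );
} );
```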