Closed mikmikmik closed 2 years ago
I moved define('JWT_AUTH_SECRET_KEY', 'somesecrethash');
and define('JWT_AUTH_CORS_ENABLE', true);
from the bottom of wp-config.php to its correct place with the other salts and now it's working as expected! (I didn't know it mattered)
Thanks for sharing! This fixed my api handle too!!!
Edit: Using version 2.1 installed from Wordpress admin After adding
RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
I manage to haveisset($headers['Authorization']) = 1 var_dump($headers['Authorization']) = string(0) "" isset($_SERVER['HTTP_AUTHORIZATION']) = 1
but nothing forisset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) =
Edit2: I tried the github version 3.0 and still same problem. Cookie refresh returns 'JWT is not configured properly.' Edit3: It's weird, it seems it can read JWT_AUTH_SECRET_KEY on the first 2 steps (I was able to send it in json response to test) but on line 392 of class-auth.php it's empty...