Open creative-andrew opened 1 year ago
Most errors messages defined by the plugin are normally full messages:
E.g. throw new UserError( __( 'The JWT token could not be returned', 'wp-graphql-jwt-authentication' ) );
throw new UserError( __( 'The JWT token could not be returned', 'wp-graphql-jwt-authentication' ) );
Nevertheless, on some occasions, it is returning the error code.
$error_code = ! empty( $user->get_error_code() ) ? $user->get_error_code() : 'invalid login';
or both combined:
throw new \Exception( $token->get_error_code() . ' | ' . $token->get_error_message() );
This PR adds consistency in terms of how the error is checked (is_wp_error()') and what is returned (error->get_error_message(). It also escapes the output for improved security.
is_wp_error()
error->get_error_message()
Most errors messages defined by the plugin are normally full messages:
E.g.
throw new UserError( __( 'The JWT token could not be returned', 'wp-graphql-jwt-authentication' ) );
Nevertheless, on some occasions, it is returning the error code.
$error_code = ! empty( $user->get_error_code() ) ? $user->get_error_code() : 'invalid login';
or both combined:
throw new \Exception( $token->get_error_code() . ' | ' . $token->get_error_message() );
This PR adds consistency in terms of how the error is checked (
is_wp_error()
') and what is returned (error->get_error_message()
. It also escapes the output for improved security.