Hi,Thank you this plugin,because i use this plugin on Wordpress one Network,so the request other api's url will be change.
my step is:
- login :
http://localhost/wordpress/wp-json/jwt-auth/v1/token
- get user blogs:
http://localhost/wordpress/wp-json/myplugin/v1/blogs
- get get first blog token :
http://localhost/wordpress/wp-json/token/regain/2
,param2
is the user_blogid,get the return token,change the Angularjs saved user Token - get
test
blog posts :http://localhost/wordpress/test/wp-json/wp/v2/posts
step 2 api like:
function list_blogs($request ){
$current_user = wp_get_current_user();
$user_blogs = get_blogs_of_user( $current_user->ID );
if(count($user_blogs)==0){
return null;
}
else{
return $user_blogs;
}
}
add_action( 'rest_api_init', function () {
register_rest_route( 'myplugin/v1', '/blogs', array(
'methods' => 'GET',
'callback' => 'list_blogs',
) );
} );
file public/class-jwt-auth-public.php
,methodadd_api_routes()
,i add
register_rest_route($this->namespace, 'token/regain/(?P<blog_id>[0-9]+)', [
'methods' => 'POST',
'callback' => array($this, 'regain_token'),
]);
i add method,code is:
/**
* regain the jwt auth for multiSite
* @param WP_REST_REQUEST $request
*
* @return string token
*/
public function regain_token($request){
$secret_key = defined('JWT_AUTH_SECRET_KEY') ? JWT_AUTH_SECRET_KEY : false;
/** First thing, check the secret key if not exist return a error*/
if (!$secret_key) {
return new WP_Error(
'jwt_auth_bad_config',
__('JWT is not configurated properly, please contact the admin', 'wp-api-jwt-auth'),
array(
'status' => 403,
)
);
}
/** Second thing, check the user is logined if not exist return a error*/
$current_user = wp_get_current_user();
if ( 0 == $current_user->ID ) {
return new WP_Error( 'rest_not_logged_in', __( 'You are not currently logged in.' ), array( 'status' => 401 ) );
}
$url_params = $request->get_url_params();
$param_blog_id = $url_params['blog_id'];
/** Three thing, check the $param_blog_id belong to the logined user blogs list if not exist return a error*/
$user_blogs = get_blogs_of_user($current_user->ID);
$blog_details = null;
$blog_ids = array();
$blog_is_exist = false;
foreach ($user_blogs AS $user_blog) {
if($param_blog_id == $user_blog->userblog_id){
$blog_details = $user_blog;
$blog_is_exist = true;
}
}
if(!$blog_is_exist){
return new WP_Error( 'jwt_auth_user_not_have_current_blog', __( 'current user not have this blog.' ), array( 'status' => 400 ) );
}
/** Valid credentials, the user exists create the according Token */
$issuedAt = time();
$notBefore = apply_filters('jwt_auth_not_before', $issuedAt, $issuedAt);
$expire = apply_filters('jwt_auth_expire', $issuedAt + (DAY_IN_SECONDS * 7), $issuedAt);
$token = array(
'iss' => $blog_details->siteurl,
'iat' => $issuedAt,
'nbf' => $notBefore,
'exp' => $expire,
'data' => array(
'user' => array(
'id' =>$current_user->ID,
),
),
);
/** Let the user modify the token data before the restore. */
$token = JWT::encode(apply_filters('jwt_auth_token_before_restore', $token), $secret_key);
/** The token is signed,only return token */
$data = array(
'token' => $token
);
/** Let the user modify the data before send it back */
return apply_filters('jwt_auth_token_before_dispatch', $data, $current_user);
}
the code many is use the generate_token()
method code,I only want the logined usre not login again,so i try add this code.