Get user_id from valid token

Hello,

You can generate the JWT on the simple-jwt-login route. This JWT can contain the WorsPress user ID, and you can also use it in the API that you developed in PHP.

Also, if you generate the jwt somewhere else, make sure you add the same “decryption key” in the plugin settings( in “General” section).

If you want to see the deconded payload of you JWT, i suggest using https://jwt.io

Let me know if my answer helps you and please don’t forget to rate the plugin.

Best regards,
Nicu

Plugin rated ??

I just had the need to decode the token, in order to get the user_id; I did it installing an additional php library; Just wondering if in your plugin is there a way to “decode” the token and get the user_id (and other infos in the payload) without using this external library.

Thanks for this awesome work!

Hello,

First of all, thank you for rating the plugin.

JWT has 3 parts ( header.payload.signature ) separated by dots. If you want to get the payload, you can simply take the second part and do a base64_decode() ( in PHP) or atob() (in javascript) on it.

But, I am thinking you want to decode the payload, only if the signature is verified.
So, I was thinking to add a new endpoint /auth/validate that validates the JWT and returns the payload and WordPress user ID if it is found.

Does this idea fit your needs? Or do you have another suggestion?

Best regards,
Nicu.

This would be awesome! Please let me know if is there a way to donate via PayPal in order to support this project.

Ciao!

Giovanni

Thank you Giovanni for your support. I really appreciate it.

I will come back with updates after the weekend and let you know how you can use the new endpoint.

I will also update the documentation and add a donation link instead of the PayPal.me link.

Have a nice weekend.
Nicu.

??

have a great we!

G

Thank you for the donation.
??

Have a nice weekend!!

Hello Giovanni,

I’ve just released version 2.2.0.

Here you have a new API endpoint to validate the JWT.
You just have to make a GET on auth/validate and attach the JWT to the request, and this endpoint will read the plugin configuration, and validate your JWT.

The response will look something like this:

{
    "success": true,
    "data": {
        "user": {
            "ID": "123",
            "user_login": "someemail@test.com",
            "user_nicename": "test",
            "user_email": "someemail@test.com",
            "user_url": "",
            "user_registered": "2020-06-29 15:29:22",
            "user_activation_key": "",
            "user_status": "0",
            "display_name": "someemail@test.com"
        },
        "jwt": [
            {
                "token": "JWT_WILL_BE_HERE",
                "header": {
                    "typ": "JWT",
                    "alg": "HS256"
                },
                "payload": {
                    "iat": 1593449136,
                    "exp": 1593452736,
                    "email": "someemail@test.com",
                    "id": 123,
                    "site": "https://localhost:81/wordpress4.9.12"
                },
                "expire_in": 3598
            }
        ]
    }
}

The error message will look something like this:

{
    "success": false,
    "data": {
        "message": "The jwt parameter is missing.",
        "errorCode": 53
    }
}

Also, If the JWT payload will not be compatible with the plugin configuration, you can also get an error like this:
`
{
“success”: false,
“data”: {
“message”: “Unable to find user email123 property in JWT.”,
“errorCode”: 30
}
}

This means that, in your JWT payload, there is no email123 parameter.

The settings that you make in the Login settings section, will have to be compatible with the JWT payload.

Please let me know if this fits your needs.

Also, if you have any other questions, don’t hesitate to write to me.

Have a nice week.
Nicu.

Wowowowowo thats great!
Thanks for this awesome work!