reCAPTCHA blocks the authentication with WP REST API

  • Resolved mikeudin

    (@mikeudin)


    3 years, 4 months ago

    Im using Google Captcha (reCAPTCHA) and when this plugin is activated it blocks the authentication request to get JWT Authentication for WP REST API plugin token.
    Here is POST request for example:
    https://reqbin.com/yiayil0b

    Error response with reCaptcha activated:

    {
"code": "[jwt_auth] incorrect_password",
"message": "Authentication failed.",
"data": {
"status": 403
}
}

    Correct response after deactivating reCaptcha:

    {
"token":"token",
"user_email": "[email protected]",
"user_nicename": "123",
"user_display_name": "123 \u0430\u043f\u0440\u0430\u0440"
}

    Allow IP List fixes the issue. But in this case it works only for requests from my IP.???♂?
    Is it possible to remove reCaptcha protection for some wp-json scenaries?

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support andrewsupport

    (@andrewsupport)

    Hi,

    This functionality is not available. We will consider it, and if we found solutions for this issue, we will make the necessary changes to the plugin.

    ran into this issue today, bumping the thread. I would consider this a bug as recaptcha has nothing to do with the WP REST API (user creation via API can’t complete any captcha).

    Thread Starter mikeudin

    (@mikeudin)

    ran into this issue today, bumping the thread. I would consider this a bug as recaptcha has nothing to do with the WP REST API (user creation via API can’t complete any captcha).

    At this moment just found this solution that works for me.
    File: …/wp-content/plugins/google-captcha/google-captcha.php
    Maybe someone know how to implement this fix like a functions hook to do not lost it with plugin updates. 

    
if ( ! function_exists( 'gglcptch_is_recaptcha_required' ) ) {
function gglcptch_is_recaptcha_required( $form_slug = '', $is_user_logged_in = null ) {
global $gglcptch_options;

if ( is_null( $is_user_logged_in ) ) {
$is_user_logged_in = is_user_logged_in();
}

if ( empty( $gglcptch_options ) ) {
$gglcptch_options = get_option( 'gglcptch_options' );
if ( empty( $gglcptch_options ) ) {
register_gglcptch_settings();
}
}

// Here is a disabling reCaptcha for all json requests
if ( wp_is_json_request() ) {
return false;
}

$result =
! isset( $gglcptch_options[ $form_slug ] ) ||
(
! empty( $gglcptch_options[ $form_slug ] ) &&
( ! $is_user_logged_in || ! gglcptch_is_hidden_for_role() )
);

return $result;
}
}
    • This reply was modified 3 years, 3 months ago by mikeudin.
    • This reply was modified 3 years, 3 months ago by mikeudin. Reason: typos
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘reCAPTCHA blocks the authentication with WP REST API’ is closed to new replies.