dottodot

Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter dottodot

    (@dottodot)

    I just copied the function used in this plugin and adapted it to accept request to those endpoint i.e

    function disable_wp_rest_api($access) {

	if (!is_user_logged_in() && $_SERVER['REQUEST_URI'] !== "/wp-json/jwt-auth/v1/token" && $_SERVER['REQUEST_URI'] !== "/wp-json/jwt-auth/v1/token/validate") {

		$message = apply_filters('disable_wp_rest_api_error', __('REST API restricted to authenticated users.', 'disable-wp-rest-api'));

		return new WP_Error('rest_login_required', $message, array('status' => rest_authorization_required_code()));

	}

	return $access;

}
add_filter('rest_authentication_errors', 'disable_wp_rest_api');
    Thread Starter dottodot

    (@dottodot)

    I realised it won’t as you’d need to whitelist the urls for that plugin i.e

    /wp-json/jwt-auth/v1/token
    /wp-json/jwt-auth/v1/token/validate

    when would mean you having to add a whitelist option. Anyway your plugin is nice and simple so I’ve just adapted it for my needs.

Viewing 2 replies - 1 through 2 (of 2 total)