Woocommerce: REST authentication should return true if authentication is successful
When rest authentication is used and is successful return true in 'rest_authentication_errors' hook. So we can skip other authentication methods.
From wp rest filter 'rest_authentication_errors' comments:
@param WP_Error|null|bool WP_Error if authentication error, null if authentication method wasn't used, true if authentication succeeded.
veisis
All 3 comments
In this case the handling looks correct. WooCommerce auth is not a replacement auth for the WP Rest API - it's in addition, a fallback if you will.
If another (real) WP Rest API auth method is being used, this will happen:
// Passthrough other errors.
if ( ! empty( $error ) ) {
return $error;
}
So if another auth method was successful, it's true and returned true. No WC auth needed.
Otherwise it returns the result of WC auth, which will be WP_Error|null|bool.
@claudiosanches Correct?
mikejolley
on 21 Feb 2017
Yes and no.
We don't care about WP REST. We only work with woocommerce rest api.
We require authentication. No public access.
Here is basic example:
function disable_rest_public_access($result) {
if(!empty($result)) //result = true or WP_Error
{
return $result;
}
return new WP_Error( 'rest_auth_required', 'REST AUTHENTICATION REQUIRED', array( 'status' => 401 ) );
}
add_filter('rest_authentication_errors', 'disable_rest_public_access', 1000);
We don't care about WP REST. We only work with woocommerce rest api.
They are one and the same thing.
We require authentication. No public access.
Our API does not allow public access.
mikejolley
on 21 Feb 2017
Related issues
svenauhagen
路
3Comments
pierrestoffe
路
3Comments
5tormTrooper
路
3Comments
tushonline
路
3Comments
richrd
路
3Comments