Skip to content

Commit

Permalink
Ignore JWT authentication for the REST API if the user is already aut…
Browse files Browse the repository at this point in the history 
…henticated
  • Loading branch information
@srtfisher
srtfisher committed Mar 18, 2024
1 parent b037f7b commit 927c2ca
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@

All notable changes to `wp-rest-guard` will be documented in this file.

## v1.3.1 - 2024-03-18

- Ignore JWT authentication for the REST API if the user is already authenticated.

## v1.3.0 - 2024-02-27

- Allow the claims to be added to a generated JWT via filter.
Expand Down
2 changes: 1 addition & 1 deletion plugin.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ function should_prevent_anonymous_access( WP_REST_Server $server, WP_REST_Reques
return false;
}

if ( class_exists( JWT::class ) ) {
if ( class_exists( JWT::class ) && ! is_user_logged_in() ) {
/**
* Check if the anonymous request requires a JSON Web Token (JWT).
*
Expand Down

0 comments on commit 927c2ca

Please sign in to comment.