diff --git a/README.md b/README.md index f854d55..a4e90c7 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # REST API Guard -Stable tag: 1.1.2 +Stable tag: 1.2.0 Requires at least: 6.0 @@ -121,8 +121,8 @@ add_filter( ### Require JSON Web Token (JWT) Authentication for Anonymous Users Anonymous users can be required to authenticate via a JSON Web Token (JWT) to -access the REST API. This can be configured in the plugin's settings or via -code: +access the REST API. Users should pass an `Authorization: Bearer ` header +with their request. This can be configured in the plugin's settings or via code: ```php add_filter( 'rest_api_guard_authentication_jwt', fn () => true ); @@ -149,7 +149,9 @@ add_filter( 'rest_api_guard_jwt_secret', fn ( string $secret ) => 'my-custom-sec ### Allow JWT Authentication for Authenticated Users Authenticated users can be authenticated with the REST API via a JSON Web Token. -This can be configured in the plugin's settings or via code: +Similar to the anonymous JWT authentication, users should pass an +`Authorization: Bearer ` header with their request. This can be +configured in the plugin's settings or via code: ```php add_filter( 'rest_api_guard_user_authentication_jwt', fn () => true ); @@ -158,10 +160,10 @@ add_filter( 'rest_api_guard_user_authentication_jwt', fn () => true ); ### Generating JWTs for Anonymous and Authenticated Users JWTs can be generated by calling the `wp rest-api-guard generate-jwt [--user=]` -command or with the `generate_jwt()` method: +command or using the `Alley\WP\REST_API_Guard\generate_jwt()` method: ```php -$jwt = generate_jwt( +$jwt = \Alley\WP\REST_API_Guard\generate_jwt( expiration: 3600, // Optional. The expiration time in seconds from now. user: 1, // Optional. The user ID to generate the JWT for. Supports `WP_User` or user ID. ); diff --git a/readme.txt b/readme.txt index deec546..e9e0902 100644 --- a/readme.txt +++ b/readme.txt @@ -1,5 +1,5 @@ === REST API Guard === -Stable tag: 1.1.2 +Stable tag: 1.2.0 Requires at least: 6.0 Tested up to: 6.3 Requires PHP: 8.0 @@ -92,8 +92,8 @@ via code: ### Require JSON Web Token (JWT) Authentication Anonymous users can be required to authenticate via a JSON Web Token (JWT) to -access the REST API. This can be configured in the plugin's settings or via -code: +access the REST API. Users should pass an `Authorization: Bearer ` header +with their request. This can be configured in the plugin's settings or via code: add_filter( 'rest_api_guard_authentication_jwt', fn () => true ); @@ -129,16 +129,19 @@ The JWT's secret will be autogenerated and stored in the database in the ### Allow JWT Authentication for Authenticated Users Authenticated users can be authenticated with the REST API via a JSON Web Token. -This can be configured in the plugin's settings or via code: +Similar to the anonymous JWT authentication, users should pass an +`Authorization: Bearer ` header with their request. This can be +configured in the plugin's settings or via code: add_filter( 'rest_api_guard_user_authentication_jwt', fn () => true ); ### Generating JWTs for Anonymous and Authenticated Users -JWTs can be generated by calling the `wp rest-api-guard generate-jwt [--user=]` -command or with the `generate_jwt()` method: +JWTs can be generated by calling the +`wp rest-api-guard generate-jwt [--user=]` command or using the +`Alley\WP\REST_API_Guard\generate_jwt()` method: - $jwt = generate_jwt( + $jwt = \Alley\WP\REST_API_Guard\generate_jwt( expiration: 3600, // Optional. The expiration time in seconds from now. user: 1, // Optional. The user ID to generate the JWT for. Supports `WP_User` or user ID. );