Search code examples
wordpressadvanced-custom-fieldswordpress-rest-api

JWT Authentication for WP-API - POST TO ACF Fields

I am trying to make an Auth via JWT Authentication for WP-API plugin. I am trying to follow this tutorial - steps, in this link: https://firxworx.com/blog/wordpress/using-the-wordpress-rest-api-with-jwt-authentication/

Thus, I made a function in my functions.php file, inside my child theme and call this function in the header of a custom page template I have created, before get_header(); func. So, my code for now is like this:

function getToken() {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,'https://www.example.com/wp-json/jwt-auth/v1/token');
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, 'username=admin&password=password');
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Content-Type: application/x-www-form-urlencoded',
    "cache-control: no-cache",
));
    $server_output = curl_exec($ch);        

    $token_result = json_decode($server_output);
    if(isset($token_result->token)) {
        return $token_result->token;
    }
    else {
        return $token_result->message;
    }
}

But, still getting this error:
"Invalid response getting JWT token on WordPress for API integration"

I want to make this API Call, in order to validate the user, before proceed my script. Without this validation, PHP should stop being execute.

After doing this API Call, I would like to make a POST in some Advance Custom Fields (ACF Pro plugin) that I have in some custom posts types..but this is another question..

Any advice or any other workarround solution on that, could be helpful please let me know

*EDITED

Found something.. because of Wordfence - captcha I can not get the token. it tells me to verify via email sent. Thus, the wordfence said: The filter “wordfence_ls_require_captcha” can be used to disable the CAPTCHA in circumstances of your choice. This may be useful for plugins that contain REST endpoints with authentication that should not require a CAPTCHA. Your filter should return false to bypass the CAPTCHA requirement when necessary, or otherwise true when the CAPTCHA should be required". How could I use this filter and where? How to return false in this filter like plugin suggests?

There is also the same problem here:
https://wordpress.org/support/topic/recaptcha-and-rest-api/
but no solution posted

Anyone, how to disable the verification send email through Wordfence? cause this is the problem

Solution

  • Finally, I got this working!
    thanks to this post
    How to disable auth verification email send, from Wordfence?

    and @mircobabini help.

    I have added the filter in my functions.php file of my child-theme like this:

    add_filter( 'wordfence_ls_require_captcha', '__return_false' );

    Thus, the validation email for logging in via Wordfence, does not send anymore and I can proceed to my code.

    *I have edited my getToken() function, because there were some errors in it!