X-WP-Nonce == Cookie nonce无效

时间:2017-10-06 12:12:37

标签: javascript php wordpress rest reactjs

在我的WordPress REST端点上,我在wordpress上登录以返回类似的随机数:

PHP 

$authenticated   = wp_authenticate( $userID , $password );
    $isAuthenticated = ( $authenticated instanceof \WP_User ) ? TRUE : FALSE;

    if ( $isAuthenticated )
    {
        $responseData[ "nonce" ] = wp_create_nonce( "rest" );

        return rest_ensure_response( $responseData );
     }

然后我通过axios将nonce返回给PHP验证它并且它有效!

JS:

let axiosSettings = {
        baseURL: "http://site.localhost",
        url: "/wp-json/id3/test/verify",
        method: "POST",
        data: {
            n: this.state.nonce
        }
}

但是当我把nonce放在标题X-WP-Nonce中时,

let axiosSettings = {
        baseURL: "http://site.localhost",
        url: "/wp-json/id3/test/pc",
        method: "POST",
        data: {
            n: this.state.nonce
        },
        withCredentials: true,
        headers: {
            "X-WP-Nonce": this.state.nonce
        }
    };

它告诉我

Cookie nonce无效,拒绝访问我的REST API。为什么?

1 个答案:

答案 0 :(得分:2)

稍后进行大量搜索......行动必须是" wp_rest"。

How to get current logged in user using Wordpress Rest Api?

相关问题
最新问题