chi11ax

Reputation: 631

X-WP-Nonce == Cookie nonce is invalid

On my WordPress REST endpoint, I did a login on WordPress to return a nonce like so:

PHP:

    $authenticated   = wp_authenticate( $userID , $password );
    $isAuthenticated = ( $authenticated instanceof \WP_User ) ? TRUE : FALSE;

    if ( $isAuthenticated )
    {
        $responseData[ "nonce" ] = wp_create_nonce( "rest" );

        return rest_ensure_response( $responseData );
    }

Then I returned the nonce through axios back to PHP to verify it and it works!

JS:

    let axiosSettings = {
        baseURL: "http://site.localhost",
        url: "/wp-json/id3/test/verify",
        method: "POST",
        data: {
            n: this.state.nonce
        }
    };

But when I put the nonce in the header X-WP-Nonce,

    let axiosSettings = {
        baseURL: "http://site.localhost",
        url: "/wp-json/id3/test/pc",
        method: "POST",
        data: {
            n: this.state.nonce
        },
        withCredentials: true,
        headers: {
            "X-WP-Nonce": this.state.nonce
        }
    };

it tells me the "Cookie nonce is invalid" and refuses to access my REST API. Why's that?

Upvotes: 4

Views: 3771

Answers (1)

chi11ax

Reputation: 631

Lots of searching later ... the action needs to be "wp_rest".

How to get current logged in user using Wordpress Rest Api?

Upvotes: 5
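Added example, not from the post and not WordPress core code: a simplified model of why a nonce created for the action "rest" passes a check that names the same action but is rejected when sent in X-WP-Nonce, which core verifies against "wp_rest". The `model_*` functions, `SECRET`, the user id, session token and tick are constructed, and it assumes the question's verify endpoint called `wp_verify_nonce()` with "rest".

```php
<?php
// Simplified model of WordPress nonce creation and checking (added example).
const SECRET = 'constructed-nonce-salt';   // stands in for wp_salt( 'nonce' )

// Models wp_create_nonce(): HMAC over tick | action | user id | session token.
function model_create_nonce(string $action, int $uid, string $token, int $tick): string
{
    $mac = hash_hmac('md5', $tick . '|' . $action . '|' . $uid . '|' . $token, SECRET);
    return substr($mac, -12, 10);
}

// Models wp_verify_nonce(): returns 1 for the current tick, 2 for the previous, else false.
function model_verify_nonce(string $nonce, string $action, int $uid, string $token, int $tick)
{
    foreach ([1 => $tick, 2 => $tick - 1] as $result => $t) {
        if (hash_equals(model_create_nonce($action, $uid, $token, $t), $nonce)) {
            return $result;
        }
    }
    return false;
}

// Models the REST cookie check: the header value is always verified against "wp_rest".
function model_rest_cookie_check(?string $headerNonce, int $uid, string $token, int $tick): string
{
    if ($headerNonce === null) {
        return 'no nonce: request handled as logged-out';
    }
    return model_verify_nonce($headerNonce, 'wp_rest', $uid, $token, $tick)
        ? 'ok'
        : 'rest_cookie_invalid_nonce (403)';
}

$uid = 7; $token = 'constructed-session-token'; $tick = 39000;   // constructed values

$restNonce   = model_create_nonce('rest', $uid, $token, $tick);      // action used in the question
$wpRestNonce = model_create_nonce('wp_rest', $uid, $token, $tick);   // action named in the answer

// Body parameter checked by the endpoint's own code with the same action: accepted.
var_dump(model_verify_nonce($restNonce, 'rest', $uid, $token, $tick));
// Same value in X-WP-Nonce: checked against "wp_rest", so it is rejected.
echo model_rest_cookie_check($restNonce, $uid, $token, $tick), "\n";
echo model_rest_cookie_check($wpRestNonce, $uid, $token, $tick), "\n";
// A "wp_rest" nonce minted for another user id (0 = logged out) is rejected as well.
echo model_rest_cookie_check(model_create_nonce('wp_rest', 0, '', $tick), $uid, $token, $tick), "\n";
```

Because the user id and session token are part of the hashed input, a nonce is only valid for the user and session it was created under, in addition to the action.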
