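/*
 * Check the REST nonce on each API request.
 *
 * A 'wp_rest' nonce is an anti-CSRF token, not a credential: passing this
 * check shows the request was issued from a page holding a valid nonce, but
 * it does not establish who the caller is or what they are allowed to do.
 * The endpoint still needs its own capability check (for example
 * current_user_can()) before acting on the request.
 */
$header_val = getallheaders();

// HTTP header names are case-insensitive and getallheaders() returns them as
// the client sent them (HTTP/2 clients send lowercase), so look the header up
// through a lowercased copy. $header_val itself is left untouched in case
// code further down reads it.
$headers_lc = array_change_key_case( (array) $header_val, CASE_LOWER );
if ( ! empty( $headers_lc['x-wp-nonce'] ) && is_string( $headers_lc['x-wp-nonce'] ) ) {
    $nonce_val = $headers_lc['x-wp-nonce'];
}

if ( empty( $nonce_val ) ) {
    // Fail closed: a request without the header is rejected, never waved through.
    return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Auth key is empty' ), array( 'status' => 403 ) );
}

// wp_verify_nonce() returns false for an invalid or expired nonce and 1 or 2
// for a valid one, so any falsy result is a rejection.
$result = wp_verify_nonce( $nonce_val, 'wp_rest' );
if ( ! $result ) {
    return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Cookie nonce is invalid' ), array( 'status' => 403 ) );
}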
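// Check the 'wp_rest' nonce sent in the X-WP-Nonce request header. This is a
// CSRF check only; it does not replace a capability check on the endpoint.
$header_val = getallheaders();

// Header names are case-insensitive on the wire, so match on a lowercased
// copy rather than on the exact spelling 'X-WP-Nonce'.
$headers_lc = array_change_key_case( (array) $header_val, CASE_LOWER );
if ( ! empty( $headers_lc['x-wp-nonce'] ) && is_string( $headers_lc['x-wp-nonce'] ) ) {
    $nonce_val = $headers_lc['x-wp-nonce'];
}

if ( empty( $nonce_val ) ) {
    // No nonce supplied: reject instead of skipping verification.
    return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Auth key is empty' ), array( 'status' => 403 ) );
}

// A falsy result means the nonce is invalid or has expired.
$result = wp_verify_nonce( $nonce_val, 'wp_rest' );
if ( ! $result ) {
    return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Cookie nonce is invalid' ), array( 'status' => 403 ) );
}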