Mik

Same here, using Ionic (Vuejs, Capacitor) and JWT Auth. It's working with Firefox ionic serve but not on iOs inside app. I get an obsolete Token 401 error.

@billpull thanks I'll have a look. My problem is a bit different it's about the refresh_token cookie.

Maybe it modifies your .htaccess and hijack the modrewrite rules

@sun I'm using wordpress as a rest api so users can register inside a vuejs app and get a JWT token. How would you do that if there's no whitelist?

@sun I built a small plugin to create a user, it registers a custom route so I don't have to supercharge the default user register route. This custom route uses...

@sun for me `'permission_callback' => 'is_user_logged_in'` is not usable in my context... I use Wordpress as a Headless CMS and I only use the REST api through json. I chose...

@sun My users won't know about wordpress, they will never see the admin or login, this is to me the purpose of using REST API and JWT. It is a...

@sun Just to clarify a bit more, when a user is "logged in" with the JWT, he doesn't have access to the admin, or pages supposed to be accessible to...

@sun You can tell me if I'm using it the wrong way.

As mentioned in https://github.com/usefulteam/jwt-auth/pull/60#issuecomment-1073031117 white/blacklist/permission_callback is necessary when you use Wordpress as a Headless CMS (no is_user_logged_in). Also even in a more general context you wouldn't be able to decide...