[wordpress]wp-api-jwt-auth 尝试添加运行在多站点中 need change

Hi,Thank you this plugin,because i use this plugin on Wordpress one Network,so the request other api's url will be change.
my step is:

1. login : http://localhost/wordpress/wp-json/jwt-auth/v1/token
2. get user blogs: http://localhost/wordpress/wp-json/myplugin/v1/blogs
3. get get first blog token : http://localhost/wordpress/wp-json/token/regain/2,param 2 is the user_blogid,get the return token,change the Angularjs saved user Token
4. get test blog posts : http://localhost/wordpress/test/wp-json/wp/v2/posts

step 2 api like:

function list_blogs($request ){
    $current_user = wp_get_current_user();
    $user_blogs = get_blogs_of_user( $current_user->ID );
    if(count($user_blogs)==0){
        return null;
    }
    else{
        return $user_blogs;
    }
}

add_action( 'rest_api_init', function () {
    register_rest_route( 'myplugin/v1', '/blogs', array(
        'methods' => 'GET',
        'callback' => 'list_blogs',
    ) );
} );

---

file public/class-jwt-auth-public.php,methodadd_api_routes(),i add

register_rest_route($this->namespace, 'token/regain/(?P<blog_id>[0-9]+)', [
    'methods' => 'POST',
    'callback' => array($this, 'regain_token'),
]);

i add method,code is:

/**
* regain the jwt auth for multiSite
* @param WP_REST_REQUEST $request
* 
* @return string token
*/
public function regain_token($request){
    $secret_key = defined('JWT_AUTH_SECRET_KEY') ? JWT_AUTH_SECRET_KEY : false;
    
     /** First thing, check the secret key if not exist return a error*/
    if (!$secret_key) {
        return new WP_Error(
            'jwt_auth_bad_config',
            __('JWT is not configurated properly, please contact the admin', 'wp-api-jwt-auth'),
            array(
                'status' => 403,
            )
        );
    }
    /** Second thing, check the user is logined if not exist return a error*/
    $current_user = wp_get_current_user();
    if (  0 == $current_user->ID ) {
        return new WP_Error( 'rest_not_logged_in', __( 'You are not currently logged in.' ), array( 'status' => 401 ) );
    }
    
    $url_params = $request->get_url_params();
    $param_blog_id = $url_params['blog_id'];
    /** Three thing, check the $param_blog_id belong to the logined user blogs list if not exist return a error*/
    $user_blogs = get_blogs_of_user($current_user->ID);
    $blog_details = null;
    $blog_ids = array();
    $blog_is_exist = false;
    foreach ($user_blogs AS $user_blog) {
       if($param_blog_id == $user_blog->userblog_id){
        $blog_details = $user_blog;
        $blog_is_exist = true;
       }
    }
    if(!$blog_is_exist){
        return new WP_Error( 'jwt_auth_user_not_have_current_blog', __( 'current user not have this blog.' ), array( 'status' => 400 ) );   
    }
    
     /** Valid credentials, the user exists create the according Token */
    $issuedAt = time();
    $notBefore = apply_filters('jwt_auth_not_before', $issuedAt, $issuedAt);
    $expire = apply_filters('jwt_auth_expire', $issuedAt + (DAY_IN_SECONDS * 7), $issuedAt);
    
    $token = array(
        'iss' => $blog_details->siteurl,
        'iat' => $issuedAt,
        'nbf' => $notBefore,
        'exp' => $expire,
        'data' => array(
            'user' => array(
                'id' =>$current_user->ID,
            ),
        ),
    );

    /** Let the user modify the token data before the restore. */
    $token = JWT::encode(apply_filters('jwt_auth_token_before_restore', $token), $secret_key);

    /** The token is signed,only return token */
    $data = array(
        'token' => $token
    );

    /** Let the user modify the data before send it back */
    return apply_filters('jwt_auth_token_before_dispatch', $data, $current_user);
}

the code many is use the generate_token() method code,I only want the logined usre not login again,so i try add this code.

转载于:https://www.cnblogs.com/fsong/p/5997171.html