API 401 ERROR

  • Resolved scopicindia

    (@scopicindia)


    7 years, 8 months ago

    Hello there, I have completed authorization successfully but still its shows Sorry, you are not allowed to that. Where I am missing?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Subrata Mal

    (@subratamal)

    7 years, 8 months ago

    Please use WordPress rest API authentication https://v2.wp-api.org/guide/authentication/.

    Thread Starter scopicindia

    (@scopicindia)

    7 years, 8 months ago

    Don’t copy paste same thing everywhere, its really irritating. Its a problem with your plugin. When admin login through browser demo.com/wp-json/wp/v2/wallet/{id} shows data and when customer logins they can’t view their wallet as it shows 401 authorization error. If I removed ‘permission_callback’ => array($this, ‘create_item_permissions_check’) in class-woo-wallet-rest-controller.php its work fine but its accessible to everyone which is a security leak. Its a bug or what but customers should able to view its data by /wallet/{id} or /current_balance/{id} even current_balance not working. Api methods only works when admin logins not working on other user roles and be please mature, I see your response on every api questions you just copy paste the same thing again and again. If you can’t give support just remove this plugin.

    • This reply was modified 7 years, 8 months ago by scopicindia.
    EruditionTec

    (@eruditiontec)

    7 years, 8 months ago

    @scopicindia

    Hi,

    Thanks for your valuable input. Well,about copy paste- I initially wanted to know if you are using the WooCommerce authentication method or the WordPress one as it’s a very common confusion faced by users.

    Now, about the issue you mentioned, the permission is enabled for users with manage_woocommerce capabilities. In order to bypass that, I am sharing a snippet of code. But please note this is not a problem or rather bug of the plugin, its a security protocol which we sincerely believe is important.

    About our support, I would kindle request you to have a glance at the support forum to know about how active we are and what level of willingness we have to help our users. With no offence intended to you, please have patience when you request for any resolution and let us understand your issue with more elaboration in order to provide the best support. I hope you get our point.

    Thank you!

    Here is your code snippet,

    add_filter('woo_wallet_rest_check_permissions', 'woo_wallet_rest_check_permissions_callback');

function woo_wallet_rest_check_permissions_callback($allow_access) {
   if (is_user_logged_in()) {
       $allow_access = true;
   }
   return $allow_access;
}
Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘API 401 ERROR’ is closed to new replies.