Get user_id from valid token

  • Resolved gioriv

    (@gioriv)


    5 years, 11 months ago

    Hi!

    Thanks for this awesome plugin!
    Just one question: do you know if there is a way to get the wordpress user_id starting from the generated token?
    I have an external mobile app, calling an API I developed in php that use authentication; it would be very useful if I could get the user_id “decoding” the valid generated token.

    Thanks!

    Giovanni

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author Nicu Micle

    (@nicu_m)

    5 years, 11 months ago

    Hello,

    You can generate the JWT on the simple-jwt-login route. This JWT can contain the WorsPress user ID, and you can also use it in the API that you developed in PHP.

    Also, if you generate the jwt somewhere else, make sure you add the same “decryption key” in the plugin settings( in “General” section).

    If you want to see the deconded payload of you JWT, i suggest using https://jwt.io

    Let me know if my answer helps you and please don’t forget to rate the plugin.

    Best regards,
    Nicu

    Thread Starter gioriv

    (@gioriv)

    5 years, 11 months ago

    Plugin rated πŸ™‚

    I just had the need to decode the token, in order to get the user_id; I did it installing an additional php library; Just wondering if in your plugin is there a way to “decode” the token and get the user_id (and other infos in the payload) without using this external library.

    Thanks for this awesome work!

    Plugin Author Nicu Micle

    (@nicu_m)

    5 years, 11 months ago

    Hello,

    First of all, thank you for rating the plugin.

    JWT has 3 parts ( header.payload.signature ) separated by dots. If you want to get the payload, you can simply take the second part and do a base64_decode() ( in PHP) or atob() (in javascript) on it.

    But, I am thinking you want to decode the payload, only if the signature is verified.
    So, I was thinking to add a new endpoint /auth/validate that validates the JWT and returns the payload and WordPress user ID if it is found.

    Does this idea fit your needs? Or do you have another suggestion?

    Best regards,
    Nicu.

    Thread Starter gioriv

    (@gioriv)

    5 years, 11 months ago

    This would be awesome! Please let me know if is there a way to donate via PayPal in order to support this project.

    Ciao!

    Giovanni

    Plugin Author Nicu Micle

    (@nicu_m)

    5 years, 11 months ago

    Thank you Giovanni for your support. I really appreciate it.

    I will come back with updates after the weekend and let you know how you can use the new endpoint.

    I will also update the documentation and add a donation link instead of the PayPal.me link.

    Have a nice weekend.
    Nicu.

    Thread Starter gioriv

    (@gioriv)

    5 years, 11 months ago

    πŸ˜‰

    have a great we!

    G

    Plugin Author Nicu Micle

    (@nicu_m)

    5 years, 11 months ago

    Thank you for the donation.
    πŸ™‚

    Have a nice weekend!!

    Plugin Author Nicu Micle

    (@nicu_m)

    5 years, 11 months ago

    Hello Giovanni,

    I’ve just released version 2.2.0.

    Here you have a new API endpoint to validate the JWT.
    You just have to make a GET on auth/validate and attach the JWT to the request, and this endpoint will read the plugin configuration, and validate your JWT.

    The response will look something like this:

    
{
    "success": true,
    "data": {
        "user": {
            "ID": "123",
            "user_login": "[email protected]",
            "user_nicename": "test",
            "user_email": "[email protected]",
            "user_url": "",
            "user_registered": "2020-06-29 15:29:22",
            "user_activation_key": "",
            "user_status": "0",
            "display_name": "[email protected]"
        },
        "jwt": [
            {
                "token": "JWT_WILL_BE_HERE",
                "header": {
                    "typ": "JWT",
                    "alg": "HS256"
                },
                "payload": {
                    "iat": 1593449136,
                    "exp": 1593452736,
                    "email": "[email protected]",
                    "id": 123,
                    "site": "http://localhost:81/wordpress4.9.12"
                },
                "expire_in": 3598
            }
        ]
    }
}

    The error message will look something like this:

    
{
    "success": false,
    "data": {
        "message": "The jwt parameter is missing.",
        "errorCode": 53
    }
}

    Also, If the JWT payload will not be compatible with the plugin configuration, you can also get an error like this:
    `
    {
    “success”: false,
    “data”: {
    “message”: “Unable to find user email123 property in JWT.”,
    “errorCode”: 30
    }
    }

    This means that, in your JWT payload, there is no email123 parameter.

    The settings that you make in the Login settings section, will have to be compatible with the JWT payload.

    Please let me know if this fits your needs.

    Also, if you have any other questions, don’t hesitate to write to me.

    Have a nice week.
    Nicu.

    Thread Starter gioriv

    (@gioriv)

    5 years, 11 months ago

    Wowowowowo thats great!
    Thanks for this awesome work!

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘Get user_id from valid token’ is closed to new replies.