Also running into this problem. The reason is that the initial JWT token doesn’t contain the pass property.
The following line is the cause:
$pass = ( empty( $pass ) ) ? $this->refresh_pass( $user->ID ) : $pass;
The $this->refresh_pass() function doesn’t return the generated pass. This causes the initial token to always be invalid (obsolete).
As workaround, change the refresh_pass function like so:
/**
* Refresh the pass value in user meta.
*
* @param int $user_id The user id.
* @return string The generated pass
*/
private function refresh_pass( $user_id ) {
$pass = md5( uniqid( wp_rand(), true ) );
update_user_meta( $user_id, 'jwt_auth_pass', $pass );
return $pass;
}
-
This reply was modified 4 years, 7 months ago by chrisvd.
