0
在我的WordPress REST终点,我做了WordPress的登录返回像这样一个随机数:X-WP-杜撰==饼干现时无效
PHP
$authenticated = wp_authenticate($userID , $password);
$isAuthenticated = ($authenticated instanceof \WP_User) ? TRUE : FALSE;
if ($isAuthenticated)
{
$responseData[ "nonce" ] = wp_create_nonce("rest");
return rest_ensure_response($responseData);
}
然后我返回的随机数通过axios回到PHP来验证它,它的工作原理!
JS:
let axiosSettings = {
baseURL: "http://site.localhost",
url: "/wp-json/id3/test/verify",
method: "POST",
data: {
n: this.state.nonce
}
}
但是,当我把现时在头X-WP-随机数,
let axiosSettings = {
baseURL: "http://site.localhost",
url: "/wp-json/id3/test/pc",
method: "POST",
data: {
n: this.state.nonce
},
withCredentials: true,
headers: {
"X-WP-Nonce": this.state.nonce
}
};
它告诉我
Cookie的随机数是无效的,并拒绝访问我的REST API。为什么?