Make WordPress Core

Opened 16 months ago

Closed 16 months ago

Last modified 16 months ago

#57510 closed defect (bug) (invalid)

/wp/v2/users/me returns rest_not_logged_in when using plain permalinks

Reported by: clairedev's profile clairedev Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: REST API Keywords: reporter-feedback
Focuses: rest-api Cc:

Description

I'm using an application password for basic authentication with an admin user. When permalinks are set to plain, calling /wp/v2/users/me always returns a 401 rest_not_logged_in. I'm calling it using the rest_route param like so: ?rest_route=/wp/v2/users/me and a simple curl request. When I change the permalinks to any other setting, the call succeeds. I can consistently recreate this issue on two different WP sites. Please fix!

Change History (6)

#1 follow-up: @peterwilsoncc
16 months ago

  • Component changed from HTTP API to REST API
  • Keywords reporter-feedback added

Hi @clairedev and welcome to wordpress.org and trac!

I'm unable to reproduce this, I'm afraid. While testing locally with plain permalinks I receive the expected result via a curl authenticated GET request:

$ curl 'http://admin:123456789012345678901234@wp-dev.local/?rest_route=/wp/v2/users/me'

{"id":1,"name":"admin","url":"http:\/\/wp-dev.local","description":"","link":"http:\/\/wp-dev.local\/?author=1","slug":"admin","avatar_urls":{"24":"http:\/\/2.gravatar.com\/avatar\/e64c7d89f26bd1972efa854d13d7dd61?s=24&d=mm&r=g","48":"http:\/\/2.gravatar.com\/avatar\/e64c7d89f26bd1972efa854d13d7dd61?s=48&d=mm&r=g","96":"http:\/\/2.gravatar.com\/avatar\/e64c7d89f26bd1972efa854d13d7dd61?s=96&d=mm&r=g"},"meta":[],"_links":{"self":[{"href":"http:\/\/wp-dev.local\/index.php?rest_route=\/wp\/v2\/users\/1"}],"collection":[{"href":"http:\/\/wp-dev.local\/index.php?rest_route=\/wp\/v2\/users"}]}}

Are you able to provide further information if you are not using the same URL format as I? Please remember to replace the password with a placeholder, especially if the URL is from a public site.

#2 @mukesh27
16 months ago

  • Version 6.1.1 deleted

#3 in reply to: ↑ 1 @clairedev
16 months ago

Thanks for the quick response! Here's the format of my curl:

curl -u username:application-password https://9xx.90f.myftpupload.com/index.php?rest_route=/wp/v2/users/me

The same thing happens for https://txh.1ed.myftpupload.com/. I also just tested this using the Basic Authentication plugin and and am seeing the same issue.

#4 @peterwilsoncc
16 months ago

Hi Claire,

I checked with the above formatting as wasn't able to reproduce the error. In both cases the following provided the expected results from the endpoint:

$ curl -u admin:applicationpassword 'http://wp-dev.local/?rest_route=/wp/v2/users/me'

$ curl -u 'admin:application password with spaces' 'http://wp-dev.local/?rest_route=/wp/v2/users/me'

Are you able to reproduce this on a site without any plugins and using a default theme?

Last edited 16 months ago by peterwilsoncc (previous) (diff)

#5 @clairedev
16 months ago

  • Resolution set to invalid
  • Status changed from new to closed

Yes, this site https://txh.1ed.myftpupload.com/ has no plugins and is using the Twenty Twenty-Three theme. The sites I've been experiencing this issue on are set up through GoDaddy (I work there), so I'm thinking something on our end is causing this. I also just got set up locally and can't recreate. Will resolve this ticket for now, thanks again for the quick response!

#6 @peterwilsoncc
16 months ago

  • Milestone Awaiting Review deleted

Thanks for following up, it's much appreciated.

Feel free to re-open this ticket if you discover the issue to be an edge case in WordPress.

Note: See TracTickets for help on using tickets.