This free add-on for
CoCart allows you to authenticate via a simple JWT Token.
★★★★★
An excellent plugin, which makes building a headless WooCommerce experience a breeze. Easy to use, nearly zero setup time. Harald Schneider
Enable PHP HTTP Authorization Header
🖥️ Shared Hosts
Most shared hosts have disabled the
HTTP Authorization Header by default.
To enable this option you'll need to edit your
.htaccess file by adding the following:
RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
or
RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
WPEngine
To enable this option you'll need to edit your
.htaccess file by adding the following (see
this issue):
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
🧰 Configuration
- Set a unique secret key in your
wp-config.php
file defined to COCART_JWT_AUTH_SECRET_KEY
.
- Install and activate plugin.
Token Expiration
By default, the token expires after two full days but can be filtered to change to your preference using this hook
cocart_jwt_auth_expire
.
Here is an example changing it to expire after just 2 hours.
add_filter( 'cocart_jwt_auth_expire', function() { return MINUTE_IN_SECONDS * 120 });
📄 Usage
- Authenticate via basic method with the login endpoint to get your token.
- Store the given token under
jwt_token
in your application.
- Now authenticate any cart route with
Bearer
authentication with the token given.
🧰 Developer Tools
- CoCart Beta Tester allows you to easily update to pre-release versions of CoCart Lite for testing and development purposes.
- CoCart VSCode extension for Visual Studio Code adds snippets and autocompletion of functions, classes and hooks.
- CoCart Product Support Boilerplate provides a basic boilerplate for supporting a different product types to add to the cart with validation including adding your own parameters.
- CoCart Cart Callback Example provides you an example of registering a callback that can be triggered when updating the cart.
★★★★★
Amazing Plugin. I’m using it to create a react-native app with WooCommerce as back-end. This plugin is a life-saver! Daniel Loureiro
👍 Add-ons to further enhance CoCart
We also have other add-ons that extend CoCart to enhance your development and your customers shopping experience.
They work with the core of CoCart already, and these add-ons of course come with support too.
⌨️ Join our growing community
A Discord community for developers, WordPress agencies and shop owners building the fastest and best headless WooCommerce stores with CoCart.
Join our community
🐞 Bug reports
Bug reports for CoCart - JWT Authentication are welcomed in the
CoCart - JWT Authentication repository on GitHub. Please note that GitHub is not a support forum, and that issues that aren’t properly qualified as bugs will be closed.
More information
💯 Credits
This plugin is developed and maintained by
Sébastien Dumont.
Founder of
CoCart Headless, LLC.
Minimum Requirements
- WordPress v5.6
- WooCommerce v6.4
- PHP v7.4
- CoCart v3.8.1
Recommended Requirements
- WordPress v6.0 or higher.
- WooCommerce v7.0 or higher.
- PHP v8.0 or higher.
Automatic installation
Automatic installation is the easiest option as WordPress handles the file transfers itself and you don’t need to leave your web browser. To do an automatic install of CoCart - Cart Enhanced, log in to your WordPress dashboard, navigate to the Plugins menu and click Add New.
In the search field type "CoCart JWT Authentication" and click Search Plugins. Once you’ve found the plugin you can view details about it such as the point release, rating and description. Most importantly of course, you can install it by simply clicking "Install Now".
Manual installation
The manual installation method involves downloading the plugin and uploading it to your webserver via your favourite FTP application. The WordPress codex contains
instructions on how to do this here.
Upgrading
It is recommended that anytime you want to update "CoCart JWT Authentication" that you get familiar with what's changed in the release.
CoCart JWT Authentication uses Semver practices. The summary of Semver versioning is as follows:
- MAJOR version when you make incompatible API changes.
- MINOR version when you add functionality in a backwards compatible manner.
- PATCH version when you make backwards compatible bug fixes.
You can read more about the details of Semver at
semver.org