wp-graphql · jasonbahl · Jul 19, 2019 · Jul 16, 2019 · Jul 16, 2019 · Jul 17, 2019
diff --git a/src/Auth.php b/src/Auth.php
@@ -364,6 +364,7 @@ protected static function authenticate_user( $username, $password ) {
 	 * @param (int|bool) $user Logged User ID
 	 *
 	 * @return mixed|false|\WP_User
+	 * @throws \Exception
 	 */
 	public static function filter_determine_current_user( $user ) {
 
@@ -377,7 +378,7 @@ public static function filter_determine_current_user( $user ) {
 		/**
 		 * If no token was generated, return the existing value for the $user
 		 */
-		if ( empty( $token ) ) {
+		if ( empty( $token ) || is_wp_error( $token ) ) {
 
 			/**
 			 * Return the user that was passed in to the filter
@@ -397,7 +398,6 @@ public static function filter_determine_current_user( $user ) {
 
 		}
 
-
 		/**
 		 * Everything is ok, return the user ID stored in the token
 		 */
@@ -488,6 +488,7 @@ public static function unrevoke_user_secret( int $user_id ) {
 
 	}
 
+
 	protected static function set_status( $status_code ) {
 		add_filter( 'graphql_response_status_code', function() use ( $status_code ) {
 			return $status_code;
@@ -560,7 +561,7 @@ public static function validate_token( $token = null, $refresh = false ) {
 			/**
 			 * The Token is decoded now validate the iss
 			 */
-			if ( get_bloginfo( 'url' ) !== $token->iss ) {
+			if ( ! isset( $token->iss ) || get_bloginfo( 'url' ) !== $token->iss ) {
 				throw new \Exception( __( 'The iss do not match with this server', 'wp-graphql-jwt-authentication' ) );
 			}
 

diff --git a/vendor/composer/ClassLoader.php b/vendor/composer/ClassLoader.php
@@ -279,7 +279,7 @@ public function isClassMapAuthoritative()
      */
     public function setApcuPrefix($apcuPrefix)
     {
-        $this->apcuPrefix = function_exists('apcu_fetch') && ini_get('apc.enabled') ? $apcuPrefix : null;
+        $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null;
     }
 
     /**
@@ -377,7 +377,7 @@ private function findFileWithExtension($class, $ext)
             $subPath = $class;
             while (false !== $lastPos = strrpos($subPath, '\\')) {
                 $subPath = substr($subPath, 0, $lastPos);
-                $search = $subPath.'\\';
+                $search = $subPath . '\\';
                 if (isset($this->prefixDirsPsr4[$search])) {
                     $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1);
                     foreach ($this->prefixDirsPsr4[$search] as $dir) {

diff --git a/wp-graphql-jwt-authentication.php b/wp-graphql-jwt-authentication.php
@@ -163,7 +163,6 @@ private function includes() {
 		 */
 		private static function init() {
 
-
 			/**
 			 * Initialize the GraphQL fields for managing tokens
 			 */
@@ -175,7 +174,7 @@ private static function init() {
 			add_filter( 'determine_current_user', [
 				'\WPGraphQL\JWT_Authentication\Auth',
 				'filter_determine_current_user'
-			], 10, 1 );
+			], 99, 1 );
 
 			/**
 			 * Filter the rootMutation fields
@@ -202,4 +201,4 @@ function init() {
 	return JWT_Authentication::instance();
 }
 
-add_action( 'plugins_loaded', '\WPGraphQL\JWT_Authentication\init' );
+add_action( 'plugins_loaded', '\WPGraphQL\JWT_Authentication\init', 1 );