From a7f1baa1cf4df087affb07d7f13a376becfb1e7c Mon Sep 17 00:00:00 2001
From: sviluppomania <63558798+sviluppomania@users.noreply.github.com>
Date: Thu, 17 Mar 2022 23:59:33 +0100
Subject: [PATCH] 'Authentication failed' message converted in plain text

A failed authentication on /token no more returns an HTML message.

Before this commit, the /token endopoint was returning thw Wordpress default error for a failed login. This was an HTML string with a link to recover the password.

Dealing with REST API it's better to always have plain text as a message
---
 class-auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/class-auth.php b/class-auth.php
index 420e09d..7022021 100644
--- a/class-auth.php
+++ b/class-auth.php
@@ -183,7 +183,7 @@ public function get_token( WP_REST_Request $request ) {
 					'success'    => false,
 					'statusCode' => 401,
 					'code'       => $error_code,
-					'message'    => strip_tags( $user->get_error_message( $error_code ) ),
+					'message'    => strip_tags('Authentication failed: '.$error_code),
 					'data'       => array(),
 				),
 				401