From 927c2ca8445e8a4155cade2c525f14377d80b381 Mon Sep 17 00:00:00 2001
From: Sean Fisher
Date: Mon, 18 Mar 2024 08:44:07 -0400
Subject: [PATCH 1/2] Ignore JWT authentication for the REST API if the user is already authenticated

---
 CHANGELOG.md | 4 ++++
 plugin.php | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5b0e329..9576c70 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,10 @@
 
 All notable changes to `wp-rest-guard` will be documented in this file.
 
+## v1.3.1 - 2024-03-18
+
+- Ignore JWT authentication for the REST API if the user is already authenticated.
+
 ## v1.3.0 - 2024-02-27
 
 - Allow the claims to be added to a generated JWT via filter.
diff --git a/plugin.php b/plugin.php
index 2392563..9135b9f 100644
--- a/plugin.php
+++ b/plugin.php
@@ -71,7 +71,7 @@ function should_prevent_anonymous_access( WP_REST_Server $server, WP_REST_Reques
 return false;
 }
 
- if ( class_exists( JWT::class ) ) {
+ if ( class_exists( JWT::class ) && ! is_user_logged_in() ) {
 /**
 * Check if the anonymous request requires a JSON Web Token (JWT).
 *

From 4c34858f1fba36ccef592e9715062c8e325b3ec8 Mon Sep 17 00:00:00 2001
From: Sean Fisher
Date: Wed, 20 Mar 2024 11:11:08 -0400
Subject: [PATCH 2/2] Fixing test

---
 tests/RestApiGuardTest.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/RestApiGuardTest.php b/tests/RestApiGuardTest.php
index 6bd3463..febf319 100644
--- a/tests/RestApiGuardTest.php
+++ b/tests/RestApiGuardTest.php
@@ -122,7 +122,8 @@ public function test_prevent_anonymous_access_settings() {
 }
 
 public function test_check_options_requests() {
- $this->expectApplied( 'rest_api_guard_check_options_requests' )->times( 3 );
+ $this->assertNotAuthenticated();
+ $this->expectApplied( 'rest_api_guard_check_options_requests' )->times( 8 );
 
 // Check the default settings.
 update_option(
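Review bot: The added `! is_user_logged_in()` condition on the `class_exists( JWT::class )` line skips the whole JWT branch for any request WordPress already treats as logged in, so a token sent alongside a session is no longer validated at all, including an expired or malformed one. Whether that is safe depends on when should_prevent_anonymous_access() runs relative to WordPress's own REST authentication, which this hunk does not show; if it can run before the current user is settled, the result may differ from what the REST cookie and nonce check decides afterwards. I would state the intent above the condition, for example `// A request WordPress has already authenticated is not anonymous; JWT enforcement applies to anonymous requests only.`, and add a test that sends an invalid token as a logged-in user to pin the chosen behaviour, since neither patch in this series adds one. The function body starts and ends outside the hunk.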
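Review bot: The expected count on the `expectApplied( 'rest_api_guard_check_options_requests' )` line moves from `times( 3 )` to `times( 8 )` with no explanation, which leaves the next reader unable to tell whether 8 is derived from the requests in this test or only matches what the run happened to produce. A one-line comment would make the number auditable, for example `// Filter is applied once per request dispatched below; update this count when requests are added or removed.`, if that is indeed where the eight applications come from. The added `assertNotAuthenticated()` pins the anonymous precondition, but the logged-in path introduced in plugin.php has no counterpart test here. The body of test_check_options_requests() continues outside the hunk.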