From 043f2b1cbd1a7e6b0b1657bbee6a0bf15c2fcd46 Mon Sep 17 00:00:00 2001
From: MuhammadFaizanHaidar1 <faizan@inspry.com>
Date: Tue, 7 Jan 2025 13:35:30 +0000
Subject: [PATCH] added logic to only allow tangible urls to pass to token
 validaitons

---
 framework/api/rest/routes.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/framework/api/rest/routes.php b/framework/api/rest/routes.php
index 9a262daa..8415d3e5 100644
--- a/framework/api/rest/routes.php
+++ b/framework/api/rest/routes.php
@@ -485,7 +485,12 @@ function reset_password( $request ) {
    * Provide current user to the request.
    */
   function rest_pre_dispatch( $result, $server, $request ) {
+    // Check if this is a Loops & Logic endpoint.
+		if ( strpos( $request->get_route(), '/' . $this->namespace ) === false ) {
 
+			return false; // Not our endpoint, skip validation.
+
+		}
     if ($request->get_route() !== '/' . $this->namespace . '/token/validate'
       && !empty($user_id = $this->determine_current_user())
       && !is_user_logged_in()