84% ah-jwt-auth

Code Review | AH JWT Auth

WordPress plugin AH JWT Auth scored84%from 54 tests.

About plugin

  • Plugin page: ah-jwt-auth
  • Plugin version: 1.5.1
  • PHP compatiblity: 7.0+
  • PHP version: 7.4.16
  • WordPress compatibility: 4.7-6.3.2
  • WordPress version: 6.3.1
  • First release: Apr 22, 2021
  • Latest release: Nov 9, 2023
  • Number of updates: 34
  • Update frequency: every 27.4 days
  • Top authors: andrewheberle (100%)

Code review

54 tests

User reviews

1 review

Install metrics

10+ active /1,270 total downloads


Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors
Installer ran successfully

Server metrics [RAM: ▲0.01MB] [CPU: ▼10.39ms] Passed 4 tests

This is a short check of server-side resources used by AH JWT Auth
Server-side resource usage in normal parameters
PageMemory (MB)CPU Time (ms)
Home /3.48 ▲0.0238.16 ▼1.12
Dashboard /wp-admin3.32 ▼0.0242.30 ▼21.49
Posts /wp-admin/edit.php3.38 ▲0.0246.73 ▼4.12
Add New Post /wp-admin/post-new.php5.91 ▲0.0281.65 ▼14.81
Media Library /wp-admin/upload.php3.25 ▲0.0234.63 ▲1.14
AH JWT Auth /wp-admin/options-general.php?page=ahjwtauth-sign-in-widget3.2431.62

Server storage [IO: ▲0.14MB] [DB: ▲0.00MB] Passed 3 tests

Filesystem and database footprint
No storage issues were detected
Filesystem: 31 new files
Database: no new tables, 6 new options
New WordPress options

Browser metrics Passed 4 tests

A check of browser resources used by AH JWT Auth
Minimal impact on browser resources
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,819 ▲7214.72 ▲0.442.07 ▲0.4344.53 ▼0.84
Dashboard /wp-admin2,193 ▲195.49 ▼0.1889.56 ▼10.4540.23 ▼2.75
Posts /wp-admin/edit.php2,101 ▼22.00 ▲0.0539.47 ▲2.6535.56 ▲5.57
Add New Post /wp-admin/post-new.php1,529 ▲323.49 ▼0.12608.98 ▼81.3263.43 ▲9.79
Media Library /wp-admin/upload.php1,407 ▲104.15 ▼0.0196.99 ▼7.8040.35 ▼5.40
AH JWT Auth /wp-admin/options-general.php?page=ahjwtauth-sign-in-widget8592.0022.8326.82

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | Verifying that this plugin uninstalls completely without leaving any traces
Please fix the following items
  • This plugin did not uninstall successfully, leaving 6 options in the database
    • can_compress_scripts
    • db_upgraded
    • widget_recent-comments
    • theysaidso_admin_options
    • widget_recent-posts
    • widget_theysaidso_widget

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a short smoke test looking for server-side errors
Even though everything seems fine, this is not an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser
Please fix the following
  • 2× GET requests to PHP files have triggered server-side errors or warnings:
    • > PHP Fatal error
      Uncaught Error: Call to undefined function settings_fields() in wp-content/plugins/ah-jwt-auth/templates/options-form.php:15
    • > PHP Fatal error
      Uncaught Error: Call to undefined function AhJwtAuth\\add_action() in wp-content/plugins/ah-jwt-auth/includes/class-ahjwtauthadmin.php:28

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues
Everything seems fine on the user side


Plugin configuration Passed 29 tests

readme.txt Passed 16 tests

The readme.txt file is important because it is parsed by WordPress.org for the public listing of your plugin
5 plugin tags: auth, sso, authentication, jwt, login

ah-jwt-auth/ah-jwt-auth.php Passed 13 tests

The entry point to "AH JWT Auth" version 1.5.1 is a PHP file that has certain tags in its header comment area
95 characters long description:
This plugin allows sign in to WordPress using a JSON Web Token (JWT) contained in a HTTP Header

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | This is an overview of file extensions present in this plugin and a short test that no dangerous files are bundled with this plugin
Good job! No executable or dangerous file extensions detected1,965 lines of code in 26 files:
LanguageFilesBlank linesComment linesLines of code

PHP code Passed 2 tests

An overview of cyclomatic complexity and code structure
There were no cyclomatic complexity issued detected
Cyclomatic complexity
Average complexity per logical line of code0.44
Average class complexity18.31
▷ Minimum class complexity1.00
▷ Maximum class complexity72.00
Average method complexity3.62
▷ Minimum method complexity1.00
▷ Maximum method complexity21.00
Code structure
▷ Abstract classes00.00%
▷ Concrete classes13100.00%
▷ Final classes00.00%
▷ Static methods3843.18%
▷ Public methods6675.00%
▷ Protected methods00.00%
▷ Private methods2225.00%
▷ Named functions116.67%
▷ Anonymous functions583.33%
▷ Global constants00.00%
▷ Class constants3100.00%
▷ Public constants00.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage
There are no PNG files in this plugin