Authentication for a mobile app connected via wp-rest api?

I’m not an expert of mobile apps, but as far as I know cookies don’t play well with mobile apps.

I’m working on a similar project (Angular Frontend – WordPress Backend).
Outh is by far the most secure way to go, but it’s rather complicated.
I’m using the wp-api-jwt-auth plugin instead.

If you configure it properly it works quite well.

As an example I share my angular code for user login:

// auth.service.ts

logIn(username: string, password: string, persist?: boolean): Observable<boolean>
{
    persist = persist || false;
    return this.http.post<IUser>(
        API_BASE_DOMAIN + API_BASE_PATH + '/jwt-auth/v1/token',
        { username: username, password: password, remember: persist },
        {
            withCredentials: true, // Send cookies
        }
    ).map(response  => {
        // login successful if there's a jwt token in the response
        if (response.token)
        {
            // set current user data
            this.currentUser = response;

            // store username and jwt token in local storage to keep user logged in between page refreshes
            let storage = (persist) ? localStorage : sessionStorage;
            storage.setItem('currentUser', JSON.stringify(this.currentUser));

            // return true to indicate successful login
            return true;
        }
        else
        {
            // return false to indicate failed login
            return false;
        }
    },
    error => {
        console.log(error);
        return false;
    });
}

On the frontend I use auth0/jwt-auth to handle proper headers/token injection.

Hope this helps

Related Posts:

  1. How do I use the WP REST API plugin and the OAuth Server plugin to allow for registration and login?
  2. What is an Endpoint?
  3. Create API for single sign-on with 3rd party site
  4. Set up WP Authentication from External API
  5. How do I cache (core) API requests?
  6. WP REST API only returning partial list of users
  7. Retrieving pages with multiple tags using REST API
  8. how to authenticate for the REST API from a plugin and from command line
  9. WP API : date_query parameter
  10. Authentication/API Questions
  11. Get more than 10 posts in a specific category with the wordpress api
  12. Create post with REST API in php with file_get_contents
  13. WordPress REST API “rest_authentication_errors” doesn’t work external queries?
  14. node-wpapi: how to handle authentication?
  15. Post body not working with wp_remote_post()
  16. Get non-rendered content from WP-API
  17. Calling an API to do authentication / user login
  18. Add basic authentication of WordPress on any external PHP file?
  19. Authenticating a user with the WP-API V2 in Postman
  20. How to edit feature image with XML RPC?
  21. WP REST API and Access-Control-Allow-Origin
  22. Set up WP Authentication from External API
  23. Working Around rest_forbidden_context
  24. register/login api
  25. How to use following API with WordPress?
  26. Extending the API I created to return category names
  27. XMLRPC: How to retrieve possible custom fields for a new post?
  28. How do you get the API key for Locu?
  29. Query WP REST API v2 by multiple meta keys
  30. Is there a way to get protected meta fields through any of the available built-in WordPress APIs? (xmlrpc, wp-json)
  31. Fetching private posts or custom post types via WP-API with basic authentication
  32. WP set auth cookie using Ajax is not saved to browser
  33. How do I retrieve a list of popular plugins using the WordPress.org Plugin API?
  34. How to get the attached gallery in the rest API?
  35. WordPress.org Support Forum API
  36. Connect external web app to wordpress
  37. How to get all posts (in chunks) via XML-RPC?
  38. How to add a custom parameter to a WP API default route?
  39. curl POST work with user meta but not the custom user meta
  40. WordPress API – count posts
  41. Can we access the REST request parameters from within the permission_callback to enforce a 401 by returning false?
  42. API for Post Stats for Self-Hosted WordPress using JetPack [closed]
  43. Displaying Content with WP Rest API
  44. API getting null values with wp_remote_post
  45. I am trying to use the Theme Customization API but I keep getting an error
  46. Custom Post for Locating by Google Maps API
  47. Authenticate with a Rails app?
  48. Extending WordPress REST API
  49. How to avoid loading wp-load.php from external php scripts?
  50. WP_REMOTE_POST Requests are being blocked by API provider [closed]
  51. POST request not going through?
  52. How can I send edits to my blog programmaticly?
  53. I want to retrieve all posts of a blog without username & password
  54. Create a range slider to change font-size with different screens sizes in wordpress customizer api
  55. WordPress as GraphQL client
  56. How to add custom preview urls for some pages?
  57. How to save post with different languages and linked them with WPML?
  58. Mixcloud FooterWidget api errors in Chrome and Safari but not Firefox?
  59. Woocommerce api: create product with images – bad request
  60. wordpress “rest_invalid_handler” error
  61. Store regex expression in WordPress DB using Options API
  62. Using WordPress as an API [closed]
  63. Best way to integrate contact us page with wordpress REST API [closed]
  64. Manage a resource via REST API
  65. WP List Table in custom post type
  66. Easiest way to call an External rest API?
  67. WordPress Login Customization for External Authentication
  68. Return scheduled posts with WP REST API
  69. Get a remote post ID via API given URL
  70. Accessing a 3rd party API – terminology to differentiate between that and publishing an API?
  71. How to change the date and time in REST API for comments?
  72. WordPress HTTP API NTLM Authentication
  73. Creating posts from API data, how to identify posts already imported?
  74. Use WordPress user database in external php application
  75. Theme Customization API Changes not Saving
  76. wp_signon returns user but the user is not logged in because wp installed on subdomain. How to make it work?
  77. get_pages and get_posts returning different data?
  78. How to display relations via wordpress Rest API
  79. Allow REST API Endpoint to specific user and hide from public
  80. Solution for processing lots of data with CRON/API, dealing with memory/timeout issues
  81. woocommerce api echo out response
  82. Limit the number of external API calls per second
  83. WordPress API – Getting just post content
  84. How do i post data to url with fields?
  85. Adding geographical information on a registration page
  86. rest_cannot_create_user
  87. Get total count of records in WP GraphQL API
  88. Implementing URL JSON API Data into Website
  89. Intergrate JSON into wordpress
  90. Daily automatic update of stock quotes via REST API and Cronjob. Or is there a more sophisticated way?
  91. Hiding WordPress REST endpoints from public viewing using Basic Authentication
  92. Stop Vimeo video with javascript – inside a loop and using a modal window
  93. Why does “if statement” has to “die()”, otherwise wont work?
  94. Cannot get transient to work on shortcode, Moz API
  95. XML RPC -> Create User
  96. Get full page HTML for a non-public WordPress page
  97. Trying to integrate wordpress query on other website – getting redirection to wp-install
  98. WordPress SMS API integration without plugin
  99. Adding Microsoft Teams Incoming Webhook to WordPress, Problem with Rest Route?
  100. How to submit a button automatically after every scheduled hours?

Leave a Comment