node-wpapi: how to handle authentication?

I’m the author of the node-wpapi library, thanks for checking it out. Unfortunately we do not currently support any external authentication scheme out of the box, because WordPress itself does not ship with any authentication scheme other than the cookie/nonce option (which doesn’t work with external apps, as you describe).

There are plugins for authenticating API requests using JWT and OAuth 1.0a, and handling for those methods could be executed for node-wpapi using a combination of custom transport methods and the new .setHeaders() function that we introduced in last week’s 1.1 release of node-api.

However, what you are describing does not quite sound like something that would be solved by those approaches. Specifically, REST API authentication is a way to authenticate a single request against your WordPress site — to say, in effect, “I have the right to view or edit the resource I am requesting.” The REST API does not provide a mechanism to log in to WordPress, that should be handled using the existing WordPress login form.

If your SPA is designed to run in a plugin, I recommend setting it up to make a page that can only be viewed on login — then when your users try to open the app they will be directed to WordPress’s existing login page, then back to your app. Once logged in, a single page application can then use cookie/nonce authentication for API requests. For an example, see the project at https://github.com/kadamwhite/wp-notebook

Hope this helps, and thanks for using the REST API!

Related Posts:

  1. How do I cache (core) API requests?
  2. WP REST API only returning partial list of users
  3. Retrieving pages with multiple tags using REST API
  4. How do I use the WP REST API plugin and the OAuth Server plugin to allow for registration and login?
  5. WP API : date_query parameter
  6. Get more than 10 posts in a specific category with the wordpress api
  7. Create post with REST API in php with file_get_contents
  8. How to edit feature image with XML RPC?
  9. WP REST API and Access-Control-Allow-Origin
  10. Extending the API I created to return category names
  11. WordPress Rest API custom endpoint optional param
  12. Query WP REST API v2 by multiple meta keys
  13. Is there a way to get protected meta fields through any of the available built-in WordPress APIs? (xmlrpc, wp-json)
  14. Slow REST API calls on self-hosted WordPress [closed]
  15. how to authenticate for the REST API from a plugin and from command line
  16. WordPress API – Get Drafts
  17. How to stop WP API endpoint from caching?
  18. How to get the attached gallery in the rest API?
  19. Custom route for WP-API gives “rest_no_route” value
  20. “rest_no_route” – Debug error
  21. Developing Themes with React/Angular
  22. Authentication for a mobile app connected via wp-rest api?
  23. curl POST work with user meta but not the custom user meta
  24. Implementing the wp json-rest api
  25. WordPress REST API “rest_authentication_errors” doesn’t work external queries?
  26. Get all tags not just first 10 with wp api 2.0
  27. Post body not working with wp_remote_post()
  28. How can I cache WordPress Rest API Response
  29. WordPress REST API always misses parameters – rest_missing_callback_param
  30. How to add WP API and JS featured image attachment
  31. Adding rest api endpoints to an old theme
  32. Develop REST API using WordPress for Android app [closed]
  33. Why aren’t tags and categories added in post request to WP Rest API
  34. WP_REMOTE_POST Requests are being blocked by API provider [closed]
  35. Get non-rendered content from WP-API
  36. Woocommerce api: create product with images – bad request
  37. Adding custom end points, No error line
  38. Calling an API to do authentication / user login
  39. How do I query my WordPress posts on another HTML page using the WordPress Restful API?
  40. body_class REST field in WP-API
  41. Authenticating a user with the WP-API V2 in Postman
  42. Get a remote post ID via API given URL
  43. How to change the date and time in REST API for comments?
  44. Creating a WordPress Post via REST API – HTML or Markdown?
  45. Custom REST endpoint not working to retrieve single posts (“rest_no_route”)
  46. How to add an endpoint for my custom post type? /wp-json/wp/v2/posts is working but it didn’t in the custom post
  47. WordPress REST API – get custom taxonomy category posts
  48. How to display relations via wordpress Rest API
  49. Allow REST API Endpoint to specific user and hide from public
  50. Escape commas in REST API
  51. register/login api
  52. WordPress REST API in Integromat: How to overcome “Sorry, you are not allowed to list users / edit this…”
  53. How do i post data to url with fields?
  54. How to use following API with WordPress?
  55. Help to create the best plugin settings!
  56. Remove unwanted fields from WP API response
  57. rest_cannot_create_user
  58. WordPress API “code”:”rest_no_route” with Custom Route
  59. Adding Amchart Interface to WordPress API
  60. Deleting media using the WordPress Rest API
  61. Periodically Query an external API on wordpress site
  62. Rest WP_Error always return null
  63. Posting data from Ionic app to WordPress
  64. Expand author, tags and categories in the WordPress JSON API
  65. How to display parent category with first level child in REST API
  66. WordPress REST API Endpoint (Authors and Categories latest posts)
  67. Why does “if statement” has to “die()”, otherwise wont work?
  68. Best way to make a JSON API from WordPress?
  69. REST API And Error Codes – No Message
  70. How to login via wordpress api and get user details?
  71. How many users/load can the rest API handle?
  72. How to update WordPress Plugins in your own maintance application?
  73. XMLRPC: How to retrieve possible custom fields for a new post?
  74. External api call using wordpress
  75. Adding Microsoft Teams Incoming Webhook to WordPress, Problem with Rest Route?
  76. Woocommerce API for calling products by Category ID
  77. How to submit a button automatically after every scheduled hours?
  78. WP function/filter for modifying http headers?
  79. How to implement ERP (Enterprise Resource Planning) into WordPress?
  80. Headless WordPress: How to authenticate front end requests?
  81. WordPress API – count posts
  82. API for Post Stats for Self-Hosted WordPress using JetPack [closed]
  83. Displaying Content with WP Rest API
  84. WP Rest API max limit include parameter?
  85. Custom Post for Locating by Google Maps API
  86. Passing Meta array in wp-rest api
  87. WP REST API V2 – Add user data to response
  88. is it possible to filter a rest api endpoint by using a registered rest field?
  89. WordPress API for search
  90. Update a post based on results from GET request to another server
  91. WC REST Payment – Stripe Gateway’ is not available
  92. How to create WordPress custom end point with multiple parameters?
  93. I can’t post comment via REST API
  94. How to fix AWS SNS API end point code that cause site not to load?
  95. Multisite WP-API json v2 : can i fetch all comments on all sites with a single query?
  96. wp_signon returns user but the user is not logged in because wp installed on subdomain. How to make it work?
  97. Cant create or update meta fields using WordPress REST API
  98. Get total count of records in WP GraphQL API
  99. Consume legacy rest api dependent upon WP API plugin
  100. Hiding WordPress REST endpoints from public viewing using Basic Authentication