Android authentication

The best way to authenticate an app with the REST API would be to use OAuth. There’s a good section on OAuth Authentication the REST API documentation site. You will need to install the OAuth1 plugin on your site as well. There are some gotchas with implementing the OAuth plugin on WordPress. I found this … Read more

WP REST API: check if user is logged in

You shouldn’t pass your nonce to your JavaScript to verify it, since client side scripts can be easily manipulated. Instead, you should get the nonce from your front-end content, and then pass it to server to verify it. After verification, you should decide to output content by server, not by your JavaScript file. Something like … Read more

Authentication for wordpress website

Use the XMLRPC API. *All these tips are for a self-hosted blog. Not sure if they are relevant to a wordpress.com blog Don’t forget to include /wp-admin after your sites name in the URL box. This may seem like a no brainer but I was not putting this in at first. 🙂 eg. http://www.yoursitesname.com/wp-admin XML-RPC … Read more

add action which returns modified value

The things you can change in there are: $secure_cookie = apply_filters(‘secure_signon_cookie’, $secure_cookie, $credentials); Cookie The $credentials for the user_login and user_password1) Example add_action( ‘wp_authenticate’, ‘wpse119273UserCredentials’ ); function wpse119273UserCredentials( $credentials ) { // Make sure to secure that value $credentials[‘user_password’] = ‘foo’; } To generate a secure password, take a look at the function wp_generate_password() and … Read more