I approached this slightly different for those interested. I wanted to keep my API as light as possible, and not bloat it with versions/revisions and users, so ended up creating a 2nd Laravel instance. On this 2nd Laravel instance (consumer) we used Laravel Socialite as we already use Google as SSO provider. The user logs …
I’ve been working on a similar issue today. Here’s what I’ve done: add_filter(‘rest_dispatch_request’, function($dispatch_result, $request, $route, $handler) { if (!is_user_logged_in()) { $dispatch_result = new WP_Error( ‘rest_not_logged_in’, __( ‘You are not currently logged in.’ ), array( ‘status’ => 401 ) ); } return $dispatch_result; }, 10, 4); You may want to use the $handler to determine …
This depends on what is it that you are developing. If it is a plugin, you have to store such settings in options as the last thing site owner should be asked to do is to modify their config file. If it is your own site, just make it a constant that is declared in …
Authenticated request to WP REST API V2 returning 403 error on /users/me [closed]
Use WordPress with a custom OAuth2 provider
I have seen many plugins do it this way. But it definitely seems like a very tedious step to follow for the user in order to use the plugin… Is it the right method? Yes. Should I somehow, store my Consumer API key & secret details on my server? And any of my distributed plugins …
Create a php callback/endpoint for an OAuth script
With my version of wordpress there is NO session. So when I call $_SESSION[‘callback_state’]=stuff it’ll gladly save it to a temporary stack local variable instead of with the actual session. So before you redirect do: if (!session_id()) {session_start();} //then the normal redirect header(“location: $newUrl”); exit(0);
How do I authenticate WP users from a chrome extension?
Answering my own question. For plugin developers, the directive is to use current_user_can() in your code as usual in the REST endpoints, as Core does. WordPress 5.4 does not support authenticated requests originated from outside WordPress to the REST API yet. But your clients can use plugins such as Basic Auth, OAuth2 or JWT to …
