When we register a rest route with register_rest_route(), then we can use the permission_callback parameter with the kind of permission we want. Check for example how WP_REST_Posts_Controller::register_routes() and WP_REST_Users_Controller::register_routes() implement the permission callback. The password argument you’re referring to is the content’s password, that you can set for each post and that’s not the same. … Read more
I eventualy worked out a solution for my restaurants table, which sits alongside the wp_* tables in my WP database. Hope this helps add_action( ‘rest_api_init’, function () { register_rest_route( ‘restos/v1’, ‘/all’, array( ‘methods’ => ‘GET’, ‘callback’ => ‘handle_get_all’, ‘permission_callback’ => function () { return current_user_can( ‘edit_others_posts’ ); } ) ); } ); function handle_get_all( $data … Read more
That filter is definitely not the one you are looking for. That filter fires before returning the result of WP_REST_Request::from_url() which appears to be a factory method that is only used internally to handle embeds. A better option is to return a WP_Error instance on the rest_pre_dispatch filter. Some caveats: As mentioned by @milo, the … Read more
Unfortunately, it is not possible, but you can use slug instead. Like this: http://example.com/wp-json/wp/v2/posts?slug=table Reference document URL are: https://developer.wordpress.org/rest-api/reference/pages/#arguments
Please note that for current versions of WordPress, using the json_url_prefix filter no longer works. On WordPress 4.7 (and using the REST API from the core instead of a plugin), this is what I needed to change the API prefix. add_filter( ‘rest_url_prefix’, ‘my_theme_api_slug’); function my_theme_api_slug( $slug ) { return ‘api’; } If this doesn’t work … Read more
I found the simplest solution using the WP-REST API plugin,first set this in yours environment : 1.) In your themes functions.php register API endpoint hooks: add_action( ‘rest_api_init’, ‘register_api_hooks’ ); // API custom endpoints for WP-REST API function register_api_hooks() { register_rest_route( ‘custom-plugin’, ‘/login/’, array( ‘methods’ => ‘POST’, ‘callback’ => ‘login’, ) ); function login() { $output … Read more
Logged in on your website doesn’t mean the user is authenticated in the REST API request, that’s why you are not getting the correct user or a Id = 0 Please take a look to the REST API authentication methods on the docs: https://developer.wordpress.org/rest-api/using-the-rest-api/authentication/ For developers making manual Ajax requests, the nonce will need to … Read more
You can return a WP_Error object in which you define the status code. Here’s a snippet from the REST API documentation: function my_awesome_func( $data ) { $posts = get_posts( array( ‘author’ => $data[‘id’], ) ); if ( empty( $posts ) ) { return new WP_Error( ‘awesome_no_author’, ‘Invalid author’, array( ‘status’ => 404 ) ); } … Read more
The WP Rest API sends the total count(found_posts) property from WP_Query. in a header called X-WP-Total. FOR POSTS: you can make a call to posts endpoint of the REST API http://demo.wp-api.org/wp-json/wp/v2/posts The value for posts count is returned in the header as X-WP-Total. Below is a sample response from the hosted demo Access-Control-Allow-Headers:Authorization, Content-Type Access-Control-Expose-Headers:X-WP-Total, … Read more
At its current state, it is a badly engineered feature that do not have any real advantage for a competent developer. The basic idea, as it stands at the time this answer is written, is to expose WordPress core functionality as JSON REST API. This will enable decoupling of the WordPress “business” logic from the … Read more