WP API and Proxy

Using a proxy is important when you cannot store your authentication credentials securely. One encounters this problem when building single page applications with client-side JavaScript Frameworks like Angular or Ember. This blog entry by Alex Bilbie nicely summarises the issue.

As a side project, involving a Angular/Ionic/Cordova application and WordPress, I’m building a proxy plugin for the WP REST API in order to communicate securely with the API. The code is available on GitHub, should you wish to check it out. It’s a personal project (currently running inside a Vagrant box) geared towards understanding the API and polishing my Angular/Ionic skillset and based on my limited understanding of the OAuth spec, so there’s bound to be a lot of bugs and other issues.

But to answer your three questions:

  • The REST API works behind a proxy;
  • I’m using both plugins (REST API and API proxy) as a primary datasource;
  • I’m not aware of any proxy services that work with the WP REST API, but a quick Google search lists some generic tutorials by Apigee and Amazon.

EDIT: I started working on my proxy attempt when version 1 of WP API was still in development and there are now several other authentication options, apart from Basic Auth and OAuth1. JWT based authentication seems to be a more streamlined option as opposed to a proxy. I’m currently experimenting with this JWT plugin developed for the API. Still uncertain about the security implications, though, as is this user. This provides an interesting, but rather bleak general overview.

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)