科技美学

  博客园  :: 首页  :: 新随笔  :: 联系 :: 订阅 订阅  :: 管理
Wordpress Restful API Auth

1.0 Why does it not work?

 DELETE | http://127.0.0.1/wordpress.002/wp-json/wp/v2/smokes/20

{
    "code": "rest_cannot_delete",
    "message": "Sorry, you are not allowed to delete this post.",
    "data": {
        "status": 401
    }
}

  返回401 rest_cannot_delete

 

2.0 JWT Authentication for WP REST API

 要用JWT做Crosssite的身份驗證。

 

3.0 Config

wp-config.php

define( 'WP_ENVIRONMENT_TYPE', 'local' );
define( 'JWT_AUTH_SECRET_KEY', 'wordpress002' );
define( 'JWT_AUTH_CORS_ENABLE', true );

 

.htaccess

RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

 

4.0 Get Token

[POST] http://127.0.0.1/wordpress.002/wp-json/jwt-auth/v1/token

params: username | password

 

5.0 Use Token

[Updated: 2025-01-03]

Authorization: Bearer xxxx
Content-Type: application/json

 

完成!

posted on 2023-10-25 16:59  chankuang  阅读(64)  评论(0)    收藏  举报