最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客

Wordpress JSON API nonces and Vue development server

programmeradmin6浏览0评论

As stated in the official docs, the JSON API CSRF protection only works from within Wordpress.

It is important to keep in mind that this authentication method relies on WordPress cookies. As a result this method is only applicable when the REST API is used inside of WordPress and the current user is logged in. In addition, the current user must have the appropriate capability to perform the action being performed.

Which means anytime I start a Vue development server to build my Vue app, the API will refuse my requests, as there's no WP environment that could provide me with a nonce that I could then pass to the API. Anybody found a workaround for that problem?

As stated in the official docs, the JSON API CSRF protection only works from within Wordpress.

It is important to keep in mind that this authentication method relies on WordPress cookies. As a result this method is only applicable when the REST API is used inside of WordPress and the current user is logged in. In addition, the current user must have the appropriate capability to perform the action being performed.

Which means anytime I start a Vue development server to build my Vue app, the API will refuse my requests, as there's no WP environment that could provide me with a nonce that I could then pass to the API. Anybody found a workaround for that problem?

Share Improve this question edited Sep 28, 2020 at 22:28 fuxia 107k38 gold badges255 silver badges459 bronze badges asked Sep 28, 2020 at 13:04 HansHans 5612 silver badges8 bronze badges
Add a comment  | 

1 Answer 1

Reset to default 1

For making authenticated API requests from a third party app, you'll need to install a plugin to give you different methods of authentication.

The most convenient but less secure is Basic Authentication: https://github/WP-API/Basic-Auth, it's appropriate for a local development environment.

This allows you to make authenticated requests by passing username and password in the body of the POST request.

I don't have an example in Vue, as I'm not familiar with its syntax.

发布评论

评论列表(0)

  1. 暂无评论