Thanks to ‘mattberg’ who developed the auth controller. I have authored it as a WordPress plugin so that it could easily be searched and installed. mattberg made Auth controller available here https://github.com/mattberg/wp-json-api-auth
JSON API Auth plugin extends the JSON API Plugin with a new Controller to allow user authentication.
JSON API for WordPress Plugin allows you to access posts, pages, categories, tags via JSON REST API. Most of these features are only for viewing. Although it allows you to create post and comment via REST API, it does not support user authentication and user registration which are two of the the most common and sought after features for any mobile app.
JSON API Auth will allow you user authentication, for user registration via REST API, I have developed another plugin, JSON API User WordPress Plugin.
JSON API User is a plugin that extends the JSON API Plugin with a new Controller to allow user registration.
Installation Notes
First you have to install the JSON API for WordPress Plugin (http://wordpress.org/extend/plugins/json-api/installation/).
To install JSON API Auth just follow these steps:
– upload the folder “json-api-auth” to your WordPress plugin folder (/wp-content/plugins)
– activate the plugin through the ‘Plugins’ menu in WordPress or by using the link provided by the plugin installer
– activate the controller through the JSON API menu found in the WordPress admin center (Settings -> JSON API)
Controller Usage
– There are three methods available: validate_auth_cookie(), generate_auth_cookie(), get_currentuserinfo()
– nonce can be created by calling http://your-domain/api/get_nonce/?controller=auth&method=generate_auth_cookie
– You can then use ‘nonce’ value to generate cookie.
You can download it from JSON API Auth WordPress Plugins
Hope that helps!
Cheers
Hi,
thx for this nice tool. One Question, is there a way just to allow just one Login for Each User about API?
So that he cant loggin two times about api like:
http://localhost/api/user/generate_auth_cookie/?username=john&password=PASSWORD-HERE
?? Till now i can login with my c# app that works. But i can run my app to ttimes at same acount and i dont want that.
BR
Daniel
The API is just not accepting any query arguments in any form. I used GET and POST both. Doesn’t seem to work.
Hi AJ,
Please see documentation here. https://wordpress.org/plugins/json-api-auth/other_notes/
arguments should work both with POST and GET. see the examples.
Thank you really for providing the plugin!
I don’t really know how to implement it, can you please explain more the steps?
please see the notes tab on plugin page.
Hello, thanks for this.
It looks like it’s not a good strategy though.
This means that our REST API request must contain the plain text password, so it’s a bit of useless.
My two cents would be to substitute “password” mandatory field with a sort of a api consumer key which would be matched with a secret key.
Or even integrate this with OAuth 2 protocol for authentication.
Keep up the great work though!