search

j3k0 / wordpress-rest-api-experiment

Wordpress REST API experiment
0 stars 0 forks source link

Don't work #1

Open j3k0 opened 7 years ago

j3k0 commented 7 years ago

output:


# List of users
    request: http://localhost:8002/wp-json/wp/v2/users

# List of pages
    request: http://localhost:8002/wp-json/wp/v2/pages

# Create a post
  - create authentication cookie
    request: http://localhost:8002/api/user/generate_auth_cookie/?username=editor&password=123456&insecure=cool
  - create a nonce
    request: http://localhost:8002/api/get_nonce/?controller=posts&method=create_post&insecure=cool
  - post post
      cookie_name: wordpress_logged_in_20c11e91499787fd68da2884076a1c85
      cookie:      editor|1487144070|b3qNZU6PG7cUZM...
      nonce:       7ed94e3231
    request: http://localhost:8002/wp-json/wp/v2/posts?_wp_nonce=7ed94e3231 -d {} --header X-WP-Nonce: 7ed94e3231 --cookie wordpress_logged_in_20c11e91499787fd68da2884076a1c85=editor|1487144070|b3qNZU6PG7cUZM3gTo5JZ31Bco3XBZHWESYd1c8uEWE|de3edb6d7f8248a0692b4bca457ab35868129331c912fc5029724deafc8689b3
     output:
{
    "code": "rest_cookie_invalid_nonce",
    "data": {
        "status": 403
    },
    "message": "Cookie nonce is invalid"
}
j3k0 commented 7 years ago

From what I saw, wordpress is expecting a nonce with controller=wp_rest and no method. But json_api wont let us do that.

In wordpress source code:

$wp_rest_server->send_header( 'X-WP-Nonce', wp_create_nonce( 'wp_rest' ) );
j3k0 commented 7 years ago

Added this in theme:

screen shot 2017-02-01 at 10 07 04

Copy nonce from the page source:

screen shot 2017-02-01 at 10 07 43

Yet, still the same error...

MagdielCAS commented 5 years ago

Any results?

j3k0 commented 5 years ago

Sorry it's been a while. I don't even remember why I was doing this.