Ali Qureshi

I think you can easily do this by adding this code in the JSON API Auth plugin controller file.

add_filter( 'restricted_site_access_is_restricted', 'my_auth_override' );

function my_auth_override( $is_restricted ) {
        $is_restricted = false;
    return $is_restricted;
}

it will allow access to all requests.

It is very straight forward as mentioned in FAQs. Once cookie is generated successfully, you will get cookie that you can then use in other controllers/methods for user authentication.

Steps are:

1. Create ‘nonce’ by using core get_nonce method https://your-domain/api/get_nonce/?controller=auth&method=generate_auth_cookie
2. You can then use ‘nonce’ value to generate cookie. https://your-domain/api/auth/generate_auth_cookie/?nonce=f4320f4a67&username=Catherine&password=password-here
3. Use cookie like this with your other controller calls: https://your-domain/api/contoller-name/method-name/?cookie=Catherine|1392018917|3ad7b9f1c5c2cccb569c8a82119ca4fd

Hope it helps..

I have released a new version with reset password method. That should do.

Please mention what is not working? and what are you trying to achieve?

use JSON API Auth plugin for getting the valid cookie. You can’t really login for REST protocol your session being the stateless. You will need to provide the cookie variable with each RESTful request you make and check it inside your controller method.

https://your-domain/api/controller_name/method_name/?cookie=John|YGWWdwificwcu398y387rckjciew

returning auth cookie with user registration is very good suggestion. I will include this in next release in addition to some other features like update user and password_forgot et al.

Plz try with the permalink structure. like this >>

https://your-domain/api/user/register/?username=john&nonce=4c39e89947&display_name=John&[email protected]

There should not be any problem if the email is valid and does not exist in the db.

yes, you should always use SSL.

1.1 has stopped simple shortcode displaying. it was working earlier with 1.0

Errors:

Failed to load resource: the server responded with a status of 404 (Not Found) ****/wp-content/plugins/cssable-countdown/js/kw-jquery.countdown-1.6.3.js?ver=1.0

Uncaught TypeError: Object [object Object] has no method ‘countdown’ (index):401

I’m on PHP 5.2. I got it resolved by changing following:

/*add_action( ‘widgets_init’, function(){ register_widget( ‘CSSable_Countdown_Widget’ ); });
*/

add_action(‘widgets_init’,
create_function(”, ‘return register_widget(“CSSable_Countdown_Widget”);’)
);

I think you should update it in the plugin as well for backward compatibility.

great plugin btw! worked perfectly after update.

Issue is that JSON API create_post check the current_user which is logged in and that can’t be done via REST.

for that, you need to send the ‘cookie’ var.

To fix it, open json-api/controllers/posts.php

Find:

if (!current_user_can(‘edit_posts’)) {
$json_api->error(“You need to login with a user that has ‘edit_posts’ capacity.”);
}

Replace it with:

if (!$json_api->query->cookie) {
$json_api->error(“You must include a ‘cookie’ var in your request. Use the generate_auth_cookie Auth API method.”);
}

And you will also have to provide ‘author’, so add following too underneath above code:

if (!$json_api->query->author) {
$json_api->error(“You must include ‘author’ var in your request.”);
}

To set the author id for new post:

Find:

$post = new JSON_API_Post();

Add below:

$post->set_author_value($json_api->query->author);

That will allow you to create post with valid cookie for any user.

I have created another plugin for doing all this user related stuff which is not doable via JSON-API. get_messages, send_message, get_msg_count, create post, add_comment, and some more.

I will release them in my other plugin JSON-API-User soon.

Hope that helps!

Please post your forgot password method here. I will include it in the next version with other additions.

Thanks!

It’s to be used in conjunction with JSON API plugin. It won’t install without JSON API plugin already installed and activated anyway.

First of all, sorry for replying late, I was on vacations.

Answer is yes, but you need to provide additional info for user registration.
username, display_name, email and nonce. It can be called like this.

https://your-domain/api/user/register/?username=john&nonce=4c39e89947&display_name=John&[email protected]

Sample response:

{
“status”: “ok”,
“msg”: “E-mail address is already in use.”,
“user_id”: null
}

Hope that helps!

The github version is owned by mattberg. mattberg published only the controller, I authored it as wp-plugin. I think I will release the plugin on my github account then.

Github link https://github.com/pimedia/json-api-auth