This repository was archived by the owner on Sep 24, 2018. It is now read-only.
This repository was archived by the owner on Sep 24, 2018. It is now read-only.
Hide "username", "First Name" & "Last Name" for embedded/non-auth'd author responses? #417
Description
When dealing with themes, it's general practice to show the user's name as the value clearly labeled as "Display name publicly as":
The default JSON response for embedded users (e.g. authors in posts) includes all of these values:
{"author": {
"ID": 4,
"username": "kadamnation",
"name": "K. Adam White",
"first_name": "K. Adam",
"last_name": "White",
"nickname": "KAdam",
"slug": "kadamnation",
"URL": "http://www.mydomain.com",
"avatar": "http://0.gravatar.com/avatar/6cd1cf6de05952505a165425efaf06b4?s=96",
"description": "Some short biographical description about the user",
"registered": "2012-06-17T15:41:32+00:00",
"meta": {
"links": {
"self": "http://www.mydomain.com/wp-json/users/4",
"archives": "http://www.mydomain.com/wp-json/users/4/posts"
}
}
}}Of these, we discussed at WCNYC that we may want to limit the information about a user that we expose. I propose limiting embedded response data (and responses for non-authenticated requests, see #297) to these values:
- name: (the name explicitly selected for display on the site)
- slug: The public slug representation of the user, for use with routes etc
- nickname: If this gets populated, I think it'd make sense to expose it since I've seen it commonly used on things like author archive pages
This would mean we would omit the following:
- username: Even though this is probably the same as slug (need to confirm this), we probably don't want to give away internal account names where possible
- first_name: Superseded by name
- last_name: Superseded by name
- We also discussed removing registered, unless anyone can think of a compelling reason why it should be in the public responses