Changeset 1247722
- Timestamp:
- 09/17/2015 02:59:18 PM (11 years ago)
- Location:
- wp-jwt-auth/trunk
- Files:
-
- 5 edited
-
JWT_AUTH.php (modified) (3 diffs)
-
README.md (modified) (2 diffs)
-
assets/img/jwticon.png (modified) (previous)
-
lib/JWT_AUTH_UserProcessor.php (modified) (2 diffs)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
wp-jwt-auth/trunk/JWT_AUTH.php
r1168653 r1247722 3 3 * Plugin Name: Wordpress JWT Authentication 4 4 * Description: Implements JWT Authentication for APIs 5 * Version: 1.1. 05 * Version: 1.1.1 6 6 * Author: Auth0 7 7 * Author URI: https://auth0.com … … 22 22 add_filter("plugin_action_links_$plugin", array(__CLASS__, 'wp_add_plugin_settings_link')); 23 23 24 add_action( 'init', array( __CLASS__, 'add_headers' ), 99 ); 24 add_action( 'init', array( __CLASS__, 'add_headers' ), 99 ); 25 25 26 26 JWT_AUTH_UsersRepo::init(); … … 31 31 32 32 public static function add_headers() { 33 header('Access-Control-Allow-Origin:'. get_http_origin()); 34 header('Access-Control-Allow-Credentials: true'); 33 header('Access-Control-Allow-Origin:'. get_http_origin()); 34 header('Access-Control-Allow-Credentials: true'); 35 35 36 36 if ( 'OPTIONS' == $_SERVER['REQUEST_METHOD'] ) { 37 37 if ( isset( $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] ) ) { 38 header('Access-Control-Allow-Methods: GET, POST, OPTIONS'); 38 header('Access-Control-Allow-Methods: GET, POST, OPTIONS'); 39 39 } 40 40 if ( isset( $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'] ) ) { 41 header('Access-Control-Allow-Headers: ' . $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']); 41 header('Access-Control-Allow-Headers: ' . $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']); 42 42 } 43 43 die('options'); -
wp-jwt-auth/trunk/README.md
r1168653 r1247722 1 1 #Wordpress JWT Authentication 2 2 3 This plugin targets to add JWT authentication to Wordpress API's provided by plugins.3 Authenticate your APIs with JWT easily. 4 4 5 5 ##Configuration … … 10 10 - **JWT Attribute**: should match the User Property to determine the user. 11 11 12 ##How it works 13 14 This plugin will check the headers of the requests and if there is an `Authorization` header will try to log in a user that matches. So it is as easy to check for the current user to authenticate users in your own API. 15 16 Also, it provides support for the following plugins: 17 - http://wp-api.org/ 18 - http://docs.woothemes.com/document/woocommerce-rest-api/ 19 20 And any other that extends `Wp Rest Api` like http://tweichart.github.io/JSON-API-for-BuddyPress/ for BuddyPress. 21 22 12 23 ##Overriding the User Repository logic 13 The user repository is the responsible of retriving the user based on the JWT. By default, it looks in the user database to match the *User Property* and the *JWT Attribute*. 24 The user repository is the responsible of retriving the user based on the JWT. By default, it looks in the user database to match the *User Property* and the *JWT Attribute*. 14 25 15 If you need to override the way the user matching is made (ie: you need to look to another table in the database) you can create your own User Repostory and match the user as you need. 26 If you need to override the way the user matching is made (ie: you need to look to another table in the database) you can create your own User Repostory and match the user as you need. 16 27 17 28 To accomplish this, you need to add a filter: 18 29 19 30 ``` 20 add_filter( 'wp_jwt_auth_get_user', array( __CLASS__, 'get User' ),10);31 add_filter( 'wp_jwt_auth_get_user', array( __CLASS__, 'get_user' ),10); 21 32 ``` 22 33 -
wp-jwt-auth/trunk/lib/JWT_AUTH_UserProcessor.php
r1168653 r1247722 44 44 $overrideUserRepo = JWT_AUTH_Options::get('override_user_repo'); 45 45 46 return apply_filters( 'wp_jwt_auth_get_user', $jwt, $encodedJWT ); 46 $response = apply_filters( 'wp_jwt_auth_get_user', $jwt, $encodedJWT ); 47 48 return $response; 47 49 } 48 50 … … 58 60 global $wp_json_basic_auth_error; 59 61 60 $wp_json_basic_auth_error = null;62 $wp_json_basic_auth_error = null; 61 63 62 64 $authorization = self::getAuthorizationHeader(); -
wp-jwt-auth/trunk/readme.txt
r1156142 r1247722 6 6 License URI: https://github.com/auth0/wp-jwt-auth/blob/master/LICENSE.md 7 7 Stable tag: trunk 8 Contributors: glena 8 Contributors: glena, auth0 9 9 10 This plugin targets to add JWT authentication to Wordpress API's provided by plugins.10 Authenticate your APIs with JWT easily. 11 11 12 12 == Description == 13 13 14 This plugin targets to add JWT authentication to Wordpress API's provided by plugins. 14 This plugin targets to add a easy way to authenticate your APIs using JWT. 15 16 Also, it provides a basic way to match the users and allow you to extend base on your needs easily with a filter. 17 18 How it works 19 20 This plugin will check the headers of the requests and if there is an `Authorization` header will try to log in a user that matches. So it is as easy to check for the current user to authenticate users in your own API. 21 22 Also, it provides support for the following plugins: 23 - http://wp-api.org/ 24 - http://docs.woothemes.com/document/woocommerce-rest-api/ 25 26 And any other that extends `Wp Rest Api` like http://tweichart.github.io/JSON-API-for-BuddyPress/ for BuddyPress. 15 27 16 28 == Installation == … … 19 31 2. Activate the plugin through the 'Plugins' menu in WordPress. 20 32 3. Access to the plugin settings and configure the keys and how should it match the users. 33 34 - Aud: represents the client id which the JWT was sent. 35 - Secret: used to verify the JWT signature 36 - Base64 Secret Encoded: it must be active if the secret is base64 encoded and needs to be decoded before checkig the signature. 37 - User Property: is the property which much match with the JWT attribute to determine the user. 38 - JWT Attribute: should match the User Property to determine the user. 39 40 or extend it implementing a filter: 41 42 add_filter( 'wp_jwt_auth_get_user', 'get_user',10); 43 44 function get_user($jwt) { 45 ... 46 } 47 48 To see an example, check the UsersRepo (https://github.com/auth0/wp-jwt-auth/blob/master/lib/JWT_AUTH_UsersRepo.php).
Note: See TracChangeset
for help on using the changeset viewer.