• [wordpress]wp-api-jwt-auth 尝试添加运行在多站点中 need change


    Hi,Thank you this plugin,because i use this plugin on Wordpress one Network,so the request other api's url will be change.
    my step is:

    1. login : http://localhost/wordpress/wp-json/jwt-auth/v1/token
    2. get user blogs: http://localhost/wordpress/wp-json/myplugin/v1/blogs
    3. get get first blog token : http://localhost/wordpress/wp-json/token/regain/2,param 2 is the user_blogid,get the return token,change the Angularjs saved user Token
    4. get test blog posts : http://localhost/wordpress/test/wp-json/wp/v2/posts

    step 2 api like:

    function list_blogs($request ){
        $current_user = wp_get_current_user();
        $user_blogs = get_blogs_of_user( $current_user->ID );
        if(count($user_blogs)==0){
            return null;
        }
        else{
            return $user_blogs;
        }
    }
    
    add_action( 'rest_api_init', function () {
        register_rest_route( 'myplugin/v1', '/blogs', array(
            'methods' => 'GET',
            'callback' => 'list_blogs',
        ) );
    } );
    

    file public/class-jwt-auth-public.php,methodadd_api_routes(),i add

    register_rest_route($this->namespace, 'token/regain/(?P<blog_id>[0-9]+)', [
        'methods' => 'POST',
        'callback' => array($this, 'regain_token'),
    ]);
    

    i add method,code is:

    /**
    * regain the jwt auth for multiSite
    * @param WP_REST_REQUEST $request
    * 
    * @return string token
    */
    public function regain_token($request){
    	$secret_key = defined('JWT_AUTH_SECRET_KEY') ? JWT_AUTH_SECRET_KEY : false;
    	
    	 /** First thing, check the secret key if not exist return a error*/
        if (!$secret_key) {
            return new WP_Error(
                'jwt_auth_bad_config',
                __('JWT is not configurated properly, please contact the admin', 'wp-api-jwt-auth'),
                array(
                    'status' => 403,
                )
            );
        }
        /** Second thing, check the user is logined if not exist return a error*/
    	$current_user = wp_get_current_user();
        if (  0 == $current_user->ID ) {
        	return new WP_Error( 'rest_not_logged_in', __( 'You are not currently logged in.' ), array( 'status' => 401 ) );
        }
        
        $url_params = $request->get_url_params();
        $param_blog_id = $url_params['blog_id'];
        /** Three thing, check the $param_blog_id belong to the logined user blogs list if not exist return a error*/
    	$user_blogs = get_blogs_of_user($current_user->ID);
    	$blog_details = null;
    	$blog_ids = array();
    	$blog_is_exist = false;
    	foreach ($user_blogs AS $user_blog) {
    	   if($param_blog_id == $user_blog->userblog_id){
    	   	$blog_details = $user_blog;
    	   	$blog_is_exist = true;
    	   }
    	}
    	if(!$blog_is_exist){
    		return new WP_Error( 'jwt_auth_user_not_have_current_blog', __( 'current user not have this blog.' ), array( 'status' => 400 ) );	
    	}
    	
         /** Valid credentials, the user exists create the according Token */
        $issuedAt = time();
        $notBefore = apply_filters('jwt_auth_not_before', $issuedAt, $issuedAt);
        $expire = apply_filters('jwt_auth_expire', $issuedAt + (DAY_IN_SECONDS * 7), $issuedAt);
    	
        $token = array(
            'iss' => $blog_details->siteurl,
            'iat' => $issuedAt,
            'nbf' => $notBefore,
            'exp' => $expire,
            'data' => array(
                'user' => array(
                    'id' =>$current_user->ID,
                ),
            ),
        );
    
        /** Let the user modify the token data before the restore. */
        $token = JWT::encode(apply_filters('jwt_auth_token_before_restore', $token), $secret_key);
    
        /** The token is signed,only return token */
        $data = array(
            'token' => $token
        );
    
        /** Let the user modify the data before send it back */
        return apply_filters('jwt_auth_token_before_dispatch', $data, $current_user);
    }
    

    the code many is use the generate_token() method code,I only want the logined usre not login again,so i try add this code.

  • 相关阅读:
    这是另外一篇
    使用客户端写博客
    vim编码相关配置
    给eclipse装一些插件
    手机型号收集
    解决黑苹果与windows时区不一致
    记录一些在VPS上折腾的东西
    一个获取文件绝对路径的sh
    python批量GBK转UTF-8
    用NDK编译lua库
  • 原文地址:https://www.cnblogs.com/fsong/p/5997171.html
Copyright © 2020-2023  润新知