Wordpress

Black hole. REST API and WORDPRESS

To allow only logged in users to view WP endpoints, add the following code:

function mytheme_only_allow_logged_in_rest_access( $access ) {
	if( ! is_user_logged_in() ) {
		return new WP_Error(
                    'rest_cannot_access', 
                    __( 'Only authenticated users can access the REST API.', 'disable-json-api' ), 
                    array( 
                        'status' => rest_authorization_required_code() 
                    ) 
                 );
	}
	return $access;
}
add_filter( 'rest_authentication_errors', 'mytheme_only_allow_logged_in_rest_access' );

Admins version

function mytheme_only_allow_logged_in_rest_access( $access ) {
	if( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
		return new WP_Error( 'rest_cannot_access', __( 'Only authenticated users can access the REST API.', 'disable-json-api' ), array( 'status' => rest_authorization_required_code() ) );
	}
	return $access;
}
add_filter( 'rest_authentication_errors', 'mytheme_only_allow_logged_in_rest_access' );

Default endpoints list

add_filter( 'rest_endpoints', 'show_default_endpoints' );
  
function show_default_endpoints( $endpoints ) {
  var_export( array_keys( $endpoints ) );
  die;
}

Removing access only for default endpoints.

add_filter( 'rest_endpoints', 'remove_default_endpoints' );
  
function remove_default_endpoints( $endpoints ) {
  return array( );
}
PREV POST Correct messages during incorrect login in your website
NEXT POST Correct messages during incorrect login in your website

Let's talk

We can help to make your idea come true, just drop us a line. If you want to join our team don’t wait. We are always looking for a talents!

PREV POST Correct messages during incorrect login in your website
NEXT POST Correct messages during incorrect login in your website
Website development Lublin

Something went wrong

Probably Charles broke something.
Please try again. Sorry!