내가 사용을 시작하려는 것 중 하나는 내 사이트의 정보를 쿼리하는 REST API v2입니다. 엔드포인트 URL을 직접 방문하면 모든 데이터를 공개적으로 볼 수 있습니다. 또한 많은 자습서에서 라이브 사이트가 아닌 테스트 또는 로컬 서버 사용에 대해 언급하고 있습니다.
내 질문은:
- 이것은 프로덕션(운영) 사이트에서 사용하기 위한 것입니까?
- 사이트에 등록된 모든 사용자를 보여 주는 /wp-json/wp/v2/users/ 와 같은 엔드포인트를 누구나 볼 수 있게 하는 것에 보안 위험이 있습니까?
- 인증된 사용자만 엔드포인트에 액세스하도록 허용할 수 있습니까?
보안과 관련된 모범 사례를 따르고 있으므로 모든 팁이 도움이 될 것입니다. API 문서는 인증을 언급하지만, 직접 액세스되는 URL을 방지하는 방법을 모르겠습니다. 다른 사람들은 일반적으로 너무 많은 정보를 노출시키지 않고 외부 응용 프로그램에서 이 데이터에 액세스하도록 어떻게 설정합니까?
답변
이것은 프로덕션(운영) 사이트에서 사용하기 위한 것입니까?
예. 많은 사이트에서 이미 사용하고 있습니다.
사이트에 등록된 모든 사용자를 표시하는 /wp-json/wp/v2/users/ 와 같은 엔드포인트를 누구나 볼 수 있게 하는 것에 보안 위험이 있습니까?
아니요. 서버의 응답은 보안과 관련이 없습니다. 빈 화면 / 읽기 전용 액세스로 무엇을 할 수 있습니까? 아무것도 없습니다!
그러나 사이트에서 취약한 암호를 허용하는 경우 몇 가지 문제가 있습니다. 그러나 그것은 귀하의 사이트 정책이므로 REST API는 그것에 대해 아무것도 모릅니다.
인증된 사용자만 엔드포인트에 액세스하도록 허용할 수 있습니까?
예. 권한 콜백을 사용하여 이를 수행할 수 있습니다.
예를 들면 다음과 같습니다.
// Excerpt from the body of a REST permission callback (the enclosing function
// is not shown). A request made with the `edit` context is refused unless the
// current user holds the `list_users` capability.
//
// NOTE(review): this guard fires only for the `edit` context. Requests in any
// other context fall through it, so on its own it does not make the endpoint
// authenticated-only; that depends on the rest of the callback.
$wants_edit_context = ( 'edit' === $request['context'] );

if ( $wants_edit_context && ! current_user_can( 'list_users' ) ) {
    return new WP_Error(
        'rest_forbidden_context',
        __( 'Sorry, you cannot view this resource with edit context.' ),
        // Status code chosen by WordPress' rest_authorization_required_code() helper.
        array( 'status' => rest_authorization_required_code() )
    );
}
다른 사람들은 일반적으로 너무 많은 정보를 노출시키지 않고 외부 응용 프로그램에서 이 데이터에 액세스하도록 어떻게 설정합니까?
정보가 무엇인지 / 언제인지 모르기 때문에 이 질문에 대답하기가 어렵습니다. 그러나 우리는 모두 참조와 치트 시트를 사용하고 있습니다.
답변
인증된 사용자만 엔드포인트에 액세스하도록 허용할 수 있습니까?
컨텐츠를 보려면 인증이 필요한 API 엔드포인트에 사용자 정의 권한 콜백을 추가할 수 있습니다. 권한이 없는 사용자는 "code": "rest_forbidden" 오류 응답을 받습니다.
이를 수행하는 가장 간단한 방법은 WP_REST_Posts_Controller를 확장하는 것입니다. 다음은 그 간단한 예입니다.
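/**
 * Posts controller whose read routes require the `edit_posts` capability.
 *
 * Both the collection route and the single-item route are gated. Write routes
 * (create/update/delete) keep the permission checks inherited from
 * WP_REST_Posts_Controller.
 */
class My_Private_Posts_Controller extends WP_REST_Posts_Controller {

    /**
     * The namespace.
     *
     * @var string
     */
    protected $namespace;

    /**
     * The post type for the current object.
     *
     * @var string
     */
    protected $post_type;

    /**
     * Rest base for the current object.
     *
     * @var string
     */
    protected $rest_base;

    /**
     * Register the routes for the objects of the controller.
     *
     * Nearly the same as WP_REST_Posts_Controller::register_routes(), but with a
     * custom permission callback.
     *
     * NOTE(review): every permission_callback below is resolved on $this, so the
     * overrides in this class are what actually run for the read routes. This
     * copied route table will not pick up later changes to the parent's routes.
     */
    public function register_routes() {
        // Collection route: list and create.
        register_rest_route( $this->namespace, '/' . $this->rest_base, array(
            array(
                'methods'             => WP_REST_Server::READABLE,
                'callback'            => array( $this, 'get_items' ),
                'permission_callback' => array( $this, 'get_items_permissions_check' ),
                'args'                => $this->get_collection_params(),
                'show_in_index'       => true,
            ),
            array(
                'methods'             => WP_REST_Server::CREATABLE,
                'callback'            => array( $this, 'create_item' ),
                'permission_callback' => array( $this, 'create_item_permissions_check' ),
                'args'                => $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ),
                'show_in_index'       => true,
            ),
            'schema' => array( $this, 'get_public_item_schema' ),
        ) );

        // Single-item route: read, update and delete by numeric id.
        register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', array(
            array(
                'methods'             => WP_REST_Server::READABLE,
                'callback'            => array( $this, 'get_item' ),
                'permission_callback' => array( $this, 'get_item_permissions_check' ),
                'args'                => array(
                    'context' => $this->get_context_param( array( 'default' => 'view' ) ),
                ),
                'show_in_index'       => true,
            ),
            array(
                'methods'             => WP_REST_Server::EDITABLE,
                'callback'            => array( $this, 'update_item' ),
                'permission_callback' => array( $this, 'update_item_permissions_check' ),
                'args'                => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ),
                'show_in_index'       => true,
            ),
            array(
                'methods'             => WP_REST_Server::DELETABLE,
                'callback'            => array( $this, 'delete_item' ),
                'permission_callback' => array( $this, 'delete_item_permissions_check' ),
                'args'                => array(
                    'force' => array(
                        // NOTE(review): with this default a DELETE that omits `force`
                        // bypasses the trash and removes the post permanently.
                        // Confirm that is intended before using in production.
                        'default'     => true,
                        'description' => __( 'Whether to bypass trash and force deletion.' ),
                    ),
                ),
                'show_in_index'       => false,
            ),
            'schema' => array( $this, 'get_public_item_schema' ),
        ) );
    }

    /**
     * Check if a given request has access to get items
     *
     * @param WP_REST_Request $request Full data about the request.
     * @return WP_Error|bool True when the current user can `edit_posts`, false otherwise.
     */
    public function get_items_permissions_check( $request ) {
        return current_user_can( 'edit_posts' );
    }

    /**
     * Check if a given request has access to get a single item.
     *
     * Without this override the single-item route would use the inherited
     * check, so an individual post could still be fetched by id by a client
     * that is refused the collection.
     *
     * @param WP_REST_Request $request Full data about the request.
     * @return WP_Error|bool False when the current user lacks `edit_posts`,
     *                       otherwise the result of the parent's check.
     */
    public function get_item_permissions_check( $request ) {
        if ( ! current_user_can( 'edit_posts' ) ) {
            return false;
        }

        // Keep the parent's per-post rules for users who pass the capability gate.
        return parent::get_item_permissions_check( $request );
    }
}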
권한 콜백 function get_items_permissions_check 가 액세스 허용 여부를 결정하는 데 current_user_can 을 사용한다는 것을 알 수 있습니다. API를 사용하는 방법에 따라 클라이언트 인증에 대해 자세히 알아야 할 수도 있습니다.
그런 다음 register_post_type 에 다음 인수를 추가하여 REST API를 지원하는 사용자 정의 게시물 유형을 등록할 수 있습니다.
/**
* Register a book post type, with REST API support
*
* Based on example at: http://codex.wordpress.org/Function_Reference/register_post_type
*/
function my_book_cpt() {
    // NOTE(review): 'public', 'publicly_queryable' and 'has_archive' are all true
    // below, so this post type is also reachable through the normal front end.
    // The custom REST controller named in 'rest_controller_class' governs only
    // the REST routes under 'rest_base'; it does not make the content private.
    register_post_type(
        'book',
        array(
            'labels'                => array(
                'name'               => _x( 'Books', 'post type general name', 'your-plugin-textdomain' ),
                'singular_name'      => _x( 'Book', 'post type singular name', 'your-plugin-textdomain' ),
                'menu_name'          => _x( 'Books', 'admin menu', 'your-plugin-textdomain' ),
                'name_admin_bar'     => _x( 'Book', 'add new on admin bar', 'your-plugin-textdomain' ),
                'add_new'            => _x( 'Add New', 'book', 'your-plugin-textdomain' ),
                'add_new_item'       => __( 'Add New Book', 'your-plugin-textdomain' ),
                'new_item'           => __( 'New Book', 'your-plugin-textdomain' ),
                'edit_item'          => __( 'Edit Book', 'your-plugin-textdomain' ),
                'view_item'          => __( 'View Book', 'your-plugin-textdomain' ),
                'all_items'          => __( 'All Books', 'your-plugin-textdomain' ),
                'search_items'       => __( 'Search Books', 'your-plugin-textdomain' ),
                'parent_item_colon'  => __( 'Parent Books:', 'your-plugin-textdomain' ),
                'not_found'          => __( 'No books found.', 'your-plugin-textdomain' ),
                'not_found_in_trash' => __( 'No books found in Trash.', 'your-plugin-textdomain' )
            ),
            'description'           => __( 'Description.', 'your-plugin-textdomain' ),
            'public'                => true,
            'publicly_queryable'    => true,
            'show_ui'               => true,
            'show_in_menu'          => true,
            'query_var'             => true,
            'rewrite'               => array( 'slug' => 'book' ),
            // Reuses the capabilities of regular posts (edit_posts, ...).
            'capability_type'       => 'post',
            'has_archive'           => true,
            'hierarchical'          => false,
            'menu_position'         => null,
            // REST exposure: routes live under the 'books-api' base and are served
            // by the controller class named below.
            'show_in_rest'          => true,
            'rest_base'             => 'books-api',
            'rest_controller_class' => 'My_Private_Posts_Controller',
            'supports'              => array( 'title', 'editor', 'author', 'thumbnail', 'excerpt', 'comments' )
        )
    );
}

// Run the registration on the `init` hook.
add_action( 'init', 'my_book_cpt' );
rest_controller_class 가 기본 컨트롤러 대신 My_Private_Posts_Controller 를 사용하는 것을 볼 수 있습니다.
설명서 외부에서 REST API를 사용하는 데 대한 좋은 예와 설명을 찾기가 어려웠습니다. 기본 컨트롤러 확장에 대한 훌륭한 설명을 찾았으며 여기에 엔드포인트 추가에 대한 철저한 안내서가 있습니다.
답변
로그인하지 않은 모든 사용자가 REST API를 전혀 사용하지 못하도록 차단하는 데 사용한 내용은 다음과 같습니다.
/**
 * Ends the request with a 403 when the visitor is not logged in.
 *
 * Hooked to `rest_api_init` at priority 99.
 *
 * NOTE(review): wp_die() stops the request while the REST server is being
 * set up, so it does not return a REST error object. WordPress also offers
 * the `rest_authentication_errors` filter, where returning a WP_Error rejects
 * unauthenticated requests; consider it if clients need a JSON error response.
 *
 * @param WP_REST_Server $wp_rest_server Server instance passed by the hook (unused).
 */
function rest_only_for_authorized_users($wp_rest_server){
    if ( is_user_logged_in() ) {
        // Authenticated visitors pass through untouched.
        return;
    }

    wp_die('sorry you are not allowed to access this data','cheatin eh?',403);
}

add_filter( 'rest_api_init', 'rest_only_for_authorized_users', 99 );
답변
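add_filter( 'rest_api_init', 'rest_only_for_authorized_users', 99 );

/**
 * Ends the request with a 403 when the visitor is not logged in.
 *
 * The original snippet closed one brace more than it opened, which is a parse
 * error. The `if` body is now braced and the function closes exactly once.
 *
 * NOTE(review): the login state seen here depends on whatever is hooked to
 * `determine_current_user`, such as a Basic-Auth handler. Make sure those
 * handlers are registered, otherwise every API client is rejected.
 *
 * @param WP_REST_Server $wp_rest_server Server instance passed by the hook (unused).
 */
function rest_only_for_authorized_users($wp_rest_server)
{
    if ( ! is_user_logged_in() ) {
        wp_die('sorry you are not allowed to access this data','Require Authentication',403);
    }
}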
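/**
 * Resolves the current user from HTTP Basic credentials.
 *
 * Registered on the `determine_current_user` filter at priority 20. The
 * outcome is also recorded in the global $wp_json_basic_auth_error: null when
 * Basic auth was not attempted, a WP_Error when authentication failed, true
 * when it succeeded.
 *
 * NOTE(review): Basic auth sends the account password with every request, so
 * this should be served over HTTPS only. The filter is registered with no
 * REST-only condition visible here, so any request carrying Basic credentials
 * reaches wp_authenticate(). Consider application passwords or another
 * token-based scheme for production clients.
 *
 * @param int|bool|null $user User already determined by an earlier filter, if any.
 * @return int|bool|null The incoming value when it is non-empty or when no Basic
 *                       credentials are present; the authenticated user's ID on
 *                       success; null when authentication fails.
 */
function json_authenticate_handler( $user ) {
    global $wp_json_basic_auth_error;

    $wp_json_basic_auth_error = null;

    // Don't authenticate twice
    if ( ! empty( $user ) ) {
        return $user;
    }

    // No Basic credentials on this request: leave the decision to other handlers.
    if ( ! isset( $_SERVER['PHP_AUTH_USER'] ) ) {
        return $user;
    }

    $username = $_SERVER['PHP_AUTH_USER'];
    // A client may send a user name with no password. Treat that as an empty
    // password instead of reading an undefined index.
    $password = isset( $_SERVER['PHP_AUTH_PW'] ) ? $_SERVER['PHP_AUTH_PW'] : '';

    // The handler is unhooked around wp_authenticate(), presumably so the
    // authentication call cannot re-enter this filter.
    remove_filter( 'determine_current_user', 'json_authenticate_handler', 20 );
    $user = wp_authenticate( $username, $password );
    add_filter( 'determine_current_user', 'json_authenticate_handler', 20 );

    if ( is_wp_error( $user ) ) {
        // Keep the failure so other code can read it from the global.
        $wp_json_basic_auth_error = $user;
        return null;
    }

    $wp_json_basic_auth_error = true;

    return $user->ID;
}

add_filter( 'determine_current_user', 'json_authenticate_handler', 20 );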