0

I am trying to create API for my wordpress website in order to link the site with the android app I developed. I created a json api for wp_users table in phpmyadmin and it works perfect. But, there is a problem I can't figure out. The password of the users are shown up in hashed form. Here is how my API looks like:

"1": {
        "ID": 1,
        "user_login": "user1",
        "user_pass": "$P$BT6.fyjiaKZVEx/jM8sy5kC4QRkizg.",
        "user_nicename": "user1",
        "user_email": "user1@gmail.com",
        "user_url": "http://localhost/MyWebsite",
        "user_registered": "2021-10-27 21:29:02",
        "user_activation_key": "",
        "user_status": 0,
        "display_name": "User1"
    },
    "2": {
        "ID": 2,
        "user_login": "user2",
        "user_pass": "$P$BArUGOBZAJfD1J3sE8OgRA3Bk1Ynfg/",
        "user_nicename": "user2",
        "user_email": "user2@gmail.com",
        "user_url": "",
        "user_registered": "2021-10-31 18:31:32",
        "user_activation_key": "",
        "user_status": 0,
        "display_name": "User2"
    },
    "3": {
        "ID": 3,
        "user_login": "user3",
        "user_pass": "$P$B8rgiyaWrgWbkbFLMLlp2r7nIwFDwr.",
        "user_nicename": "user3",
        "user_email": "user3@gmail.com",
        "user_url": "",
        "user_registered": "2021-10-31 18:31:34",
        "user_activation_key": "",
        "user_status": 0,
        "display_name": "User3"
    }
}

I found this on GitHub but in my website I can't search wp-json/user/login or wp-json/user/register. So, is there another way to create API for wordpress or should I add something more in order to synchronize user authentication in both my website and the android app?

Gus Rasmusen
  • 1
  • 3
  • Did you write a completely custom API, or did you register a route with WordPress’s official built in JSON API? – Chris Haas Nov 27 '21 at 16:36
  • Also, the passwords are not encrypted, they are hashed. – Chris Haas Nov 27 '21 at 16:42
  • @ChrisHaas I wrote a custom API. Oh, I see, thanks for the clarification! – Gus Rasmusen Nov 27 '21 at 16:59
  • this might help https://stackoverflow.com/questions/13679001/register-login-user-with-wordpress-json-api – Jack Larson Nov 27 '21 at 17:06
  • @JackLarson I tried it but I get this error: `"code": "jwt_auth_bad_auth_header", "message": "Authorization header malformed.", "data": { "status": 403 }` – Gus Rasmusen Nov 27 '21 at 17:20
  • @GusRasmusen, I would strongly recommend merging your code into the official API, unless you only want WordPress for authentication. WordPress also offers [“application passwords”](https://make.wordpress.org/core/2020/11/05/application-passwords-integration-guide/) which are 24 character tokens that users can use for authentication. Otherwise, if the need to manually do something, look into using `wp_authenticate`, or the internals of `wp_check_password` if you really must roll your own (knowing WP could change this in the future). – Chris Haas Nov 28 '21 at 14:11
  • @ChrisHaas What I want is to synchronize the website login and register with the android app login and register. So, what do you mean to merge the code into the official API? – Gus Rasmusen Nov 28 '21 at 14:56
  • What I mean is to move your API code into [WordPress’s official API handler](https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/) which will take care of routing, authentication, authorization and encoding for you. WordPress is “awake” inside so you also get access to all core functions and any plugins without hacking a manual boot up. – Chris Haas Nov 28 '21 at 16:17
  • @ChrisHaas Hmm, I see, alright thanks for your hep! – Gus Rasmusen Nov 28 '21 at 20:01

0 Answers0