Authentication from wordpress REST API

2
votes

After searching form wordpress documentation and google, i haven't find any proper way to achieve my goal : able to login to wordpress from custom third party application built with nodeJs. The steps is check if couple username / password is administrator and process tasks on my external app.

Anyone has already used the REST API of wordpress to auth user? WITHOUT INSTALLING ANY PLUGIN , i just want to get response from server if my couple username/ password is true and is administrator, i know i can asks the database to check but i want to pass throught the built-in wp rest api.

Thank you.

1
wordpressrest

1 Answers

0
votes

The simple answer is no, and here is why

While cookie authentication is the only authentication mechanism available natively within WordPress, plugins may be added to support alternative modes of authentication that will work from remote applications. Some example plugins are OAuth 1.0a Server, Application Passwords, and JSON Web Tokens.

Source: Wordpress Official Handbook

However there is a painful and insecure way of doing it with plain HTTP authentication which is not recommended.

Recommended way of doing this securely is to get WordPress JWT or oAuth Server extension and deal with standard authentication process which is more convenient and secure, WordPress already lists them which are referenced in the quote. Hope this helps!