Rest-api and login from mobile client

  • islp

    (@islp)


    9 years, 3 months ago

    Hello, I searched here but I couldn’t find an example of login from a mobile client and now I don’t know if this is possible either.

    What I have to do: in a NATIVE (not web, not hybrid) mobile app (Swift / Java) I have two textfields, one for username, the other one for password.

    Using these textfields I would like to login into WordPress: I don’t need to post, there aren’t other activities involved, only login in the app using the WordPress credentials.

    Is this possible with the new REST API?

    • This topic was modified 9 years, 3 months ago by islp.
Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator bcworkz

    (@bcworkz)

    9 years, 3 months ago

    REST is certainly the way to access WP from mobile apps, but simply logging in, if it were possible, doesn’t achieve anything. The app uses REST to access information from WP, which is returned in JSON format. It’s up to the app to decide what to do with the information. When required for the task, WP login credentials are sent as part of the REST request to do things that require the user to be logged in. Such as insert a new post for example. The credentials are sent with each REST request, there’s no concept of being logged in with REST. Each data transaction stands on it’s own merit. Whatever happened in the previous transaction is forgotten.

    Thread Starter islp

    (@islp)

    9 years, 3 months ago

    @bcworkz First of all, thanks for your kind reply. I want to simply login the user and retrieve his/her name and surname (if possible), it’s the only thing I need in the app: WordPress is used by the app only to identify a user of a website, that’s all.

    Moderator bcworkz

    (@bcworkz)

    9 years, 3 months ago

    I’m not a solid REST user, so take my information with some caution, but I’m fairly sure any user data can be retrieved with adequate user credentials. Nothing related to getting logged into WP. Just user data in JSON format. If you supply admin creds with the REST request, any user’s data can be retrieved. No one will be “logged in”, but the data is available. I’m unsure how to verify a user’s password. It would either be send the plaintext and the API confirms validity, or you get a hash and your app confirms validity itself.

    Thread Starter islp

    (@islp)

    9 years, 2 months ago

    @bcworkz I tried a little the API, but apparently it doesn’t do what I want. That is: you can retrieve users (all users), not authenticate a particular user. Of course, not every user can retrieve all users, so if I try to get all users passing an editor’s credentials, it won’t return a list of users.

    If you are an admin, you can retrieve a list of users, but not every user is an admin.

    Maybe I must find an endpoint every user can call.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Rest-api and login from mobile client’ is closed to new replies.