I have created RSS Feed in the back office of eZ publish. The problem is that I can access the RSS Feed from the admin interface of eZ Publish but not from the Front end.
example :
http://my-back-ez/rss/feed/news => Working
http://my-front-ez/rss/feed/news => Redirect to admin login
Instead of showing the RSS feed, i'm redirected to the admin login with the front url, I don't understand why.
Every conf seems to be initialized correclty. I've read that the routing is managed automatically by eZ Legacy and I do not have to create a specific route in the routing.yml file.
eZ Publish Version : 2014.11 (5.4).
EDIT :
When i log in via the front office there is no cookie "is_logged_in" so when i try to access the url "/rss/feed/myFeed/" i am redirected to admin login (probably passing throught legacy_stack) and the "is_logged_in" cookie is automatically created.
When i connect direclty from admin the "is_logged_in" cookie is created after login.
While the cookie is created i can access the RSS feed.
I've read that the "is_logged_in" cookie is deprecated, is it still the case here ? I am aware that RSS is a legacy module so it probably needs this cookie to verify if the user is logged.
Do i have to create manually the "is_logged_in" cookie or there is another way to allow the access to RSS feed ?
Thanks,
Cheers.
You have to activate RSS/feed function for anonymous user too. You can do it in admin>administration>roles
Found the solution !
In the site.ini.append.php file you have to set the RequireUserLogin to false to tell legacy stack not to look for the is_logged_in cookie.
[SiteAccessSettings]
RequireUserLogin=false
Cheers !
Related
I have a Wordpress website and a Chrome Extension. If the user logs in on the website, I want the Chrome Extension to be aware of that (and vice-versa). The Chrome Extension won't have a login form in it; the user will always log in through the website login form.
When you log in on the website, Wordpress by default sets its authentication cookies to identify the user. What I initially had in mind: I would also like to return some kind of access token, which I would store somewhere where the extension can find it and use it to make authenticated requests to the Wordpress REST API. But.. where do I store it (in a safe manner) so I can find it within the extension?
Perhaps I should try a different approach?
Thank you!
What you could do, the simpler way:
create an Ajax action or a REST API route
as you can read in the documentation, the authentication is cookie-based. So once the user is logged in from the WordPress login form, the authentication cookie is added to your browsing session
without overrides, the cookie will also be forwarded when using JS HTTP queries (eg ajax)
your route could check something like is_user_logged_in() or wp_get_current_user() like available methods. And return the result (among other things if needed) to your plugin JS
you may need to change the WordPress cookie configuration, so they can be accessed from anywhere (any domain), check this.
Better way:
would be to use a plugin like this to implement REST API Oauth2 authentication
user should be able to login directly from the extension window (need development), and then use a refresh token feature to keep the user logged in.
I believe you may also need to update your actual login form, if its classic or OAuth rest API login, should be able to send back the required OAuth token (access and refresh tokens), to the frontend (then stored in local storage or else) to be used by the extension. To prevent having to log in twice.
I have Wordpress blog and I want to share my post blog automatically in my Facebook Fanpage.
I using NextScripts: Social Networks Auto-Poster plugin and insert App ID and App Secret (I'm already register in developers.facebook.com). But when I click Authorize Your Facebook Account, I get error that said:
"Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."
I'm already search answer in google, but still not able to fix it.
such as do this in developers.facebook.com account:
Use Strict Mode for Switch URIs => Turn off (but cannot turn it off)
Insert https://www.example.com/auth/facebook/callback into Valid OAuth URI redirect (not solving my problem, having another error : URL Blocked)
Is there any way to fix it? I only want to share my blog post automatically to save time, just it. Any help is very appreciated, Thank you.
There are two sites - .Net Core site (site1) and Wordpress site (site2). When I have logged on site1 I want to redirect to some page on site2 by link with autologin on site2. Users are duplicated on two databases(site1 - MSSql Server, site2 - MySql). How to pass login credentials to site2 and redirect to link page on this site? Can I use the REST API, what else should I use? Are there any ideas, a simple example?
Thanks!!!
You can called Single Sign On or SSO. You would essentially be bypassing WordPress' authentication methods and use those from a 3rd party. WordPress needs a local user of some kind for normal operations to work (the user_can() function for example.)
So the general gist would be something like this - Send any request for authentication to a 3rd party who will yay or nay and return some data about the user - if yay, check if there is a WordPress user that represents the authenticated user.
If not, create one and add any meta data you might need from the third party. - these WordPress users are like placeholders and every time you successfully authenticate, you update the meta data of the WordPress user to keep things in sync.
This is how OneLogin does it and you can poke around their WordPress plugin to get a sense of how it works.
https://wordpress.org/plugins/onelogin-saml-sso/
Or You can refer this also.
http://carlofontanos.com/auto-login-to-wordpress-from-another-website/
I am building phonegap application to show post and other pages. Logged in users can only access these pages. So, I am creating login system in phonegap with wordpress api. I am using json api,json api user for api.
After username, password entered in login form authentication cookie is generated by 'generate_auth_cookie' api and stored in local storage. It is stored as 'wordpress_logged_in_5....'=>'username|1453458845|J500gDe.....'
I am struck here. Please tell me the next steps after this. Also I need to check the user is logged in on every api call.
FOR JSON API LOGIN
Method: generate_auth_cookie
First get the nonce: http://localhost/api/get_nonce/?controller=user&method=generate_auth_cookie
Then generate cookie: http://localhost/api/user/generate_auth_cookie/?username=john&password=PASSWORD-HERE
Method: validate_auth_cookie
It needs 'cookie' var.
http://localhost/api/user/validate_auth_cookie/?cookie=admin|43089754375034fjwfn39u8
so when user sent req. of login that time you need to create nonce and then gen. auth cookie and so on. and if all good then log in to user. and save it to your site. so once user click on logout. there session will be removed.
you can also set session from here
generate cookie for 1 minute: http://localhost/api/user/generate_auth_cookie/?username=john&password=PASSWORD-HERE&seconds=60
60 means 1 minute.
details
https://wordpress.org/plugins/json-api-user/other_notes/
OR
TRY - WP REST API V2
http://v2.wp-api.org/
downlaod plugin and install it.
https://wordpress.org/plugins/json-rest-api/
just type /wp-json/wp/v2/posts in end of your site url and you will get all post.
for get all post
www.mysite.com/wp-json/wp/v2/posts
For the search functionality - search test post
/wp-json/wp/v2/posts?filter[s]=test
much more details from this link http://v2.wp-api.org/reference/posts/
Note for best result use latest version of WP
so using this you can easily get post page etc.
I have a WP multisite installation with various users each having their own installation
Ie
www.mysite.com/fearghal
www.mysite.com/john
etc.
Is there a way I can use one Twitter application that will allow each user to update their status? I know with one site it is simple, but with multiple url's like WP MS - could be tricky with various callback urls.
Any ideas folks?
You can do that. When you get a request token you will have to pass the callback url for that site to Twitter and callback URL will have a verifier passed to it that will need to be sent when you get an access token. You can read more about the process at http://dev.twitter.com/pages/auth