-
Notifications
You must be signed in to change notification settings - Fork 10.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(gatsby-source-wordpress): allow users to obtain JWT Token to make authenticated requests #9509
Conversation
Something is wrong with formatting here - seems like you pasted built file to source file? Changes itself are fine, but formatting need to be fixed |
@pieh Whoops! I noticed that I accidently worked on the built file, pasted it into the source file, saw no linting errors and assumed it was fine. I'm gonna fix that. |
Hmmm, just reading more about it - we should hit |
We could do so, too. I'll look into it and try to implement getting the token as well. |
Please check how this is done for wordpress.com: gatsby/packages/gatsby-source-wordpress/src/fetch.js Lines 157 to 184 in c3910a5
This probably will be very similar for |
@pieh Thanks! I have already found that function as a starting point. 👍 |
Thanks for this! We need to expose drafts for a preview server. I'm struggling to reference this pull request in my package json to begin using it now, is that even possible? Appreciate if someone can point me in the right direction. Cheers. |
@watzing it's not possible to reference PR like that, but you can |
@watzing also one thing - this adds support for jwt authorization - but it doesn't change endpoints that this plugin use. F.e. we grab posts using
But right now wordpress plugin doesn't support applying filters like that - this would need to be implemented separately |
@openmedi I thought (hoped) that grabbing token function/request wouldn't need special cases like that. I think it makes sense to have separate functions after all for wp.com on jwt plugin. Sorry for adding more work :( |
@pieh Thanks for the help, I'll give that a go.
Ahh, I thought I would be able to add the filters to the includedRoutes config item - I'll dig a bit deeper into the plugin code |
Check https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-source-wordpress/src/fetch.js in particular gatsby/packages/gatsby-source-wordpress/src/fetch.js Lines 302 to 305 in a55bc13
to apply status filter. But we would only do this for content types (posts, pages and any custom post types) and not for other endpoints (tags, categories, media/images(?), users/authors, ACF (if someone is using that)). And also we would only want to apply that filter if user want us too (if you apply this filter without authorization you will get 400 forbidden response)
---edit: |
…cs/gatsby-source-wordpress-jwt-authentication
What do you think, @pieh? |
I will be looking to test it locally today, already created wordpress instance with JWT plugin. One thing that I think we could simplify is change if (_useJWT && _accessToken) {
options.headers = {
Authorization: `Bearer ${_accessToken}`,
}
}
if (_hostingWPCOM && _accessToken) {
options.headers = {
Authorization: `Bearer ${_accessToken}`,
}
} to just if (_accessToken) {
options.headers = {
Authorization: `Bearer ${_accessToken}`,
}
} We want to apply authorization header same way if there is any access token and at that point it doesn't matter if it's wp.com or site with jwt plugin (there are 2 places where we can change that) |
@pieh Alright. I implemented the changes that you suggested. |
I think we can also get away with explicit |
@openmedi enjoy first PR against your gatsby fork :) https://github.com/openmedi/gatsby/pull/1 |
…thentication infer useJWT
…wt-authentication' into topics/gatsby-source-wordpress-jwt-authentication
…e-wordpress-jwt-authentication
… and password strings
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @openmedi!
…e authenticated requests (gatsbyjs#9509) This fixes gatsbyjs#6879.
This fixes #6879.