问题
I'm having an issue with basic authentication.
Trying to send a GET request with Postman (chrome plugin) using the following url: http://_MY_WEBSITE_URL_/wp-json/wp/v2/users/3
The username and the password field is filled with the site's admin user credentials.
The error I get:
{
"code": "rest_user_cannot_view",
"message": "Sorry, you cannot view this resource.",
"data": {
"status": 401
}
}
I tried the basic authentication using wp_remote_request from another website, and with CURL too, but the results are the same every time.
The user with id 3 exists, I have checked it. If I want to list all of the users, I get only those who have posts created.
I have activated the required plugins: WP REST API, JSON Basic Authentication.
My wordpress version: 4.4.2
回答1:
Finally, I figured out the solution. I had to add some new options manually to my .htaccess file, the plugin didn't make it.
The code:
# BEGIN WP BASIC Auth
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /PluginTest/
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
</IfModule>
# END WP BASIC Auth
回答2:
I think issue is not for getting user data from server but this error code is for your authentication problem have this user capability or Role might not be administrator
for detail view
wp-content/plugins/rest-api/lib/endpoints/class-wp-rest-users-controller.php
public function get_item_permissions_check( $request ) {
$id = (int) $request['id'];
$user = get_userdata( $id );
$types = get_post_types( array( 'public' => true ), 'names' );
if ( empty( $id ) || empty( $user->ID ) ) {
return new WP_Error( 'rest_user_invalid_id', __( 'Invalid resource id.' ), array( 'status' => 404 ) );
}
if ( get_current_user_id() === $id ) {
return true;
}
if ( 'edit' === $request['context'] && ! current_user_can( 'list_users' ) ) {
return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you cannot view this resource with edit context.' ), array( 'status' => rest_authorization_required_code() ) );
} else if ( ! count_user_posts( $id, $types ) && ! current_user_can( 'edit_user', $id ) && ! current_user_can( 'list_users' ) ) {
return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you cannot view this resource.' ), array( 'status' => rest_authorization_required_code() ) );
}
return true;
}
回答3:
To all those who are facing these error,remove the Basic Authentication authorization in headers and send the customer_key and customer_secret as query parameter in all case( get and post) after activating JWT. This might seem odd and insecure but it works for me.
来源:https://stackoverflow.com/questions/36470998/cant-authenticate-with-basic-authentication-using-wp-rest-api-2-0-plugin