Download the PHP package alleyinteractive/wp-rest-api-guard without Composer

On this page you can find all versions of the php package alleyinteractive/wp-rest-api-guard. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of alleyinteractive/wp-rest-api-guard

Informations about the package wp-rest-api-guard

REST API Guard

Stable tag: 1.3.2

Requires at least: 6.0

Tested up to: 6.0

Requires PHP: 8.0

License: GPL v2 or later

Tags: alleyinteractive, rest-api-guard

Contributors: sean212

Coding Standards Testing Suite

Restrict and control access to the REST API.

Installation

You can install the package via composer:

Usage

The WordPress REST API is generally very public and can share a good deal of information with the internet anonymously. This plugin aims to make it easier to restrict access to the REST API for your WordPress site.

Out of the box the plugin can:

Settings Page

The plugin can be configured via the Settings page (Settings -> REST API Guard) or via the relevant filter.

Screenshot of plugin settings screen

Preventing Access to User Information (wp/v2/users)

By default, the plugin will restrict anonymous access to the users endpoint. This can be prevented in the plugin's settings or via code:

Preventing Access to Index (/) or Namespace Endpoints (wp/v2)

To prevent anonymous users from browsing your site and discovering what plugins/post types are set up, the plugin restricts access to the index (/) and namespace (wp/v2) endpoints. This can be prevented in the plugin's settings or via code:

Restrict Anonymous Access to the REST API

The plugin can restrict anonymous access for any request to the REST API in the plugin's settings or via code:

Limit Anonymous Access to Specific Namespaces/Routes (Allowlist)

Anonymous users can be granted access only to specific namespaces/routes. Requests outside of these paths will be denied. This can be configured in the plugin's settings or via code:

Restrict Anonymous Access to Specific Namespaces/Routes (Denylist)

Anonymous users can be restricted from specific namespaces/routes. This acts as a denylist for specific paths that an anonymous user cannot access. The paths support regular expressions for matching. The use of the Allowlist takes priority over this denylist. This can be configured in the plugin's settings or via code:

Require JSON Web Token (JWT) Authentication for Anonymous Users

Anonymous users can be required to authenticate via a JSON Web Token (JWT) to access the REST API. Users should pass an Authorization: Bearer <token> header with their request. This can be configured in the plugin's settings or via code:

Out of the box, the plugin will look for a JWT in the `Authorization: Bearer

` header. The JWT will be expected to have an audience of 'wordpress-rest-api' and issuer of the site's URL. This can be configured in the plugin's settings or via code: The JWT's secret will be autogenerated and stored in the `rest_api_guard_jwt_secret` option. The secret can also be filtered via code: ### Allow JWT Authentication for Authenticated Users Authenticated users can be authenticated with the REST API via a JSON Web Token. Similar to the anonymous JWT authentication, users should pass an `Authorization: Bearer ` header with their request. This can be configured in the plugin's settings or via code: ### Generating JWTs for Anonymous and Authenticated Users JWTs can be generated by calling the `wp rest-api-guard generate-jwt [--user=]` command or using the `Alley\WP\REST_API_Guard\generate_jwt()` method: ## Testing Run `composer test` to run tests against PHPUnit and the PHP code in the plugin. ## Changelog Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. ## Credits This project is actively maintained by [Alley Interactive](https://github.com/alleyinteractive). Like what you see? [Come work with us](https://alley.co/careers/). ![Alley logo](https://avatars.githubusercontent.com/u/1733454?s=200&v=4) - [Sean Fisher](https://github.com/srtfisher) - [All Contributors](../../contributors) ## License The GNU General Public License (GPL) license. Please see [License File](LICENSE) for more information.

All versions of wp-rest-api-guard with dependencies

PHP Build Version
Package Version
Requires php Version ^8.0
firebase/php-jwt Version ^6.10
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package alleyinteractive/wp-rest-api-guard contains the following files

Loading the files please wait ....