admin管理员组文章数量:1122846
I am trying to let a user change their password via the API. What it looks like here is that I can send a POST request to the users endpoint with their user ID at the end, sending the new password in the request body as JSON. So,
POST to :
And in the body:
{
"password": "mySecretPassword"
}
In this case, the user is authenticated via JWT and needs to send the token in the header of the request.
When I tried this in postman, the request hangs for a really long time but finally seems to go through and the password is updated.
I wanted to know if I am doing this correctly, and if so why does it take so long?
I am trying to let a user change their password via the API. What it looks like here is that I can send a POST request to the users endpoint with their user ID at the end, sending the new password in the request body as JSON. So,
POST to : https://example.com/wp-json/wp/v2/users/123
And in the body:
{
"password": "mySecretPassword"
}
In this case, the user is authenticated via JWT and needs to send the token in the header of the request.
When I tried this in postman, the request hangs for a really long time but finally seems to go through and the password is updated.
I wanted to know if I am doing this correctly, and if so why does it take so long?
Share Improve this question asked Mar 17, 2021 at 5:42 user8463989user8463989 5731 gold badge7 silver badges24 bronze badges2 Answers
Reset to default 0This question is from 9 months ago and maybe it is solved right now. but I'll send the answer to help other people who may have this question:
You have to install JWT plugin.
Then, you have to create Bearer Token by POSTing a username and password to this address:
https://example.com/wp-json/jwt-auth/v1/token
In postman, you have to insert your Bearer Token in Auth tab and change your password by posting this address:
http://example.com/wp-json/wp/v2/users/123?password=newpassword
(123 is the sample user id.)
I am creating Forgot password api In wordpress realtime using
website link : Linuxtips
function frgpassword(){
global $wpdb,$wp_hasher;
$methode = $_GET;
if(empty($methode['username'])){
$response = [ 'error' => true, 'code' => 400, "message" => "Enter username or Register email" ];
} else {
$custom_users_table = CUSTOM_USER_TABLE;
$sql = $wpdb->prepare( "SELECT * FROM `{$custom_users_table}` WHERE `user_login` = %s OR `user_email` = %s;", array( $methode['username'], $methode['username'] ) );
$userdata = $wpdb->get_results($sql);
if(empty($userdata)){
$response = [ 'error' => true, 'code' => 404, "message" => "User Not Found {$methode['username']}" ];
} else {
$user = $userdata['0'];
$allow = apply_filters( 'allow_password_reset', (is_multisite() && is_user_spammy( $user )) ? false : true, $user->ID );
if ( ! $allow ) {
$response = [ 'error' => true, 'code' => 403, "message" => "Password reset is not allowed for this user" ];
} else {
$key = wp_generate_password( 20, false );
do_action( 'retrieve_password_key', $user->user_login, $key );
if ( empty( $wp_hasher ) ) {
require_once ABSPATH . WPINC . '/class-phpass.php';
$wp_hasher = new PasswordHash( 8, true );
}
// update new password into database
$wpdb->query($wpdb->prepare("UPDATE {$custom_users_table} SET user_activation_key= %s WHERE ID = %s"), array((time() . ':' . $wp_hasher->HashPassword( $key )), $user->ID));
$link = home_url("wp-login.php?action=rp&key={$key}&login={$user->user_login}&wp_lang=en_US");
$message = "Someone has requested a password reset for the following account: \n Site Name: ".get_bloginfo()." From Mobile App \n \n Username: {$user->user_login} \n If this was a mistake, ignore this email and nothing will happen. \n To reset your password, visit the following address: \n {$link} \n This password reset request originated from the IP address ".ns_wp_user_ip();
$headers = array('From: '.get_bloginfo()." Mobile App ".' <accounts@'.$_SERVER['SERVER_NAME'].'>');
wp_mail($user->user_email,"[".get_bloginfo()."] Password Reset",$message,$headers);
$response = [ 'error' => false, 'code' => 200, "message" => "Password reset link has been sent to your registered email" ];
}
}
}
return new WP_REST_Response($response, $response['code']);
}
Creating rest router
register_rest_route('neoistone/v2', '/frgpassword', array(
'methode' => "GET",
'callback' => "frgpassword",
"permission_callback" => "frgpassword"
));
本文标签: change user password REST API
版权声明:本文标题:change user password REST API 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1736289983a1928418.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论