Skip to content

Commit 4cbf614

Browse files
jkmasseljkmassel
authored
Create README.md
1 parent 8de86a3 commit 4cbf614

File tree

1 file changed

+54
-0
lines changed

1 file changed

+54
-0
lines changed

README.md

Lines changed: 54 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,54 @@
1+
# jwt-auth
2+
jwt-auth is a WordPress plugin that enables authentication using [JSON Web Tokens](https://jwt.io). This plugin will be proposed as an addition to WordPress Core in the near future.
3+
4+
## Getting Started
5+
6+
This plugin isn't currently listed in the WordPress Plugin Directory. Therefore, you'll need to install it manually. You can do this by [downloading the latest code](https://github.com/WP-API/jwt-auth/archive/develop.zip) and uploading it to your site.
7+
8+
### How it works
9+
10+
At a high level, JSON Web Tokens work by exchanging a valid username and password for a long-lived token. This token can then be used to authenticate requests, making it unnecessary to store and repeatedly transmit usernames and passwords.
11+
12+
#### Retrieving a Token
13+
14+
In order to receive a token, you must authenticate the user. This can be done with a request that looks like:
15+
16+
```bash
17+
curl -X "POST" "https://{my-domain-name}/wp-json/wp/v2/token/" \
18+
-H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' \
19+
--data-urlencode "username=my-username" \
20+
--data-urlencode "password=my-password"
21+
```
22+
23+
This will return a response that looks like:
24+
25+
```javascript
26+
{
27+
"access_token": "eyJ0eXAi[...]",
28+
"data": {
29+
"user": {
30+
"id": 1,
31+
"type": "wp_user",
32+
"user_login": "my-username",
33+
"user_email": "[email protected]"
34+
}
35+
}
36+
}
37+
```
38+
39+
The `access_token` field is what you'll use for subsequent requests. For example, to fetch the user data, you could perform a request like:
40+
41+
```bash
42+
curl "https://{my-domain-name}/wp-json/wp/v2/users/me" \
43+
-H 'Authorization: Bearer eyJ0eXAi[...]'
44+
```
45+
46+
> Note that the header reads `Bearer { token }`. Ensure you include the word "Bearer" (with a space after it) in order to be properly authenticated.
47+
48+
## Contributing
49+
50+
We'd love help with this project! The best way to get involved is to reach out via the #core-restapi channel in [Slack](https://make.wordpress.org/chat/).
51+
52+
## License
53+
54+
jwt-auth is licensed under [GNU General Public License v2](https://github.com/WP-API/jwt-auth/blob/develop/LICENSE).

0 commit comments

Comments
 (0)