Description
JSON API User extends the JSON API Plugin with a new Controller to allow RESTful user registration, authentication, password reset, RESTful Facebook Login, RESTful User Meta and BuddyPress xProfile get and update methods. This plugin is for WordPress/Mobile app developers who want to use WordPress as mobile app data backend.
JSON API Plugin, that is required, was closed on August 7, 2019 from WordPress repository. You can download JSON API Plugin from https://github.com/PI-Media/json-api until it is republished and available on WordPress.
Features include:
- Generate Auth Cookie for user authentication
- Validate Auth Cookie
- RESTful User Registration
- RESTful Facebook Login/Registration with valid access_token
- RESTful BuddyPress xProfile fields update
- Get User Meta and xProfile fields
- Update User Meta and xProfile fields
- Delete User Meta
- Password Reset
- Get Avatar
- Get User Info
- Post Comment
The plugin was created for mobile apps integration with the web app using WordPress as backend for all the data. WordPress helped in putting together the web app quickly and then Mobile iOS and Android apps were integrated via this plugin. There were some app specific customized methods which are not included but rest have been made generic for community usage.
My other JSON API Auth plugin has also been integrated with this plugin from version 1.1 because most endpoints required user authentication via cookie for data update.
Pro Version – JSON API User Plus
A pro version of this plugin, JSON API User Plus, is available here http://www.parorrey.com/solutions/json-api-user-plus/ that supports BuddyPress Messages component, BuddyPress avatar upload, BuddyPress Extended Profile, BuddyPress Groups, BuddyPress Friends, BuddyPress Activity, BuddyPress Notifications, BuddyPres Settings and other BuddyPress related functions to integrate BuddyPress features in your mobile app via REST api.
JSON API User Plus includes API key which protects and restricts the endpoint calls. This key can be updated from Settings > User Plus options page. Your app must include this key with every call to get the data from REST API. Please see documentation for calling endpoints examples for āJSON API User Plusā.
JSON API User Plus features include:
- Generate Auth Cookie for user authentication
- Validate Auth Cookie
- RESTful User Registration
- RESTful Facebook Login/Registration with valid access_token
- RESTful BuddyPress xProfile fields update
- Get User Meta and xProfile fields
- Update User Meta and xProfile fields
- Delete User Meta
- Password Reset
- Get/Upload Avatar
- Get User Info
- Post Comment
- Add Post, Update Post, Delete Post
- Add/Edit/Delete Custom Post Type, Custom Fields
- Search User
- BuddyPress Activities
- BuddyPress Members
- BuddyPress Friends
- BuddyPress Notifications
- BuddyPress Settings
- & many more
Screenshots
Installation
First you have to install the JSON API for WordPress Plugin (https://wordpress.org/extend/plugins/json-api/installation/).
To install JSON API User just follow these steps:
- Upload the folder ājson-api-userā to your WordPress plugin folder (/wp-content/plugins)
- Activate the plugin through the āPluginsā menu in WordPress or by using the link provided by the plugin installer
- Activate the controller through the JSON API menu found in the WordPress admin center (Settings -> JSON API)
FAQ
-
There are following methods available: register, get_avatar, get_userinfo, retrieve_password, validate_auth_cookie, generate_auth_cookie, get_currentuserinfo, get_user_meta, update_user_meta, delete_user_meta, xprofile, xprofile_update, fb_connect
-
nonce can be created by calling if you are registering user. http://localhost/api/get_nonce/?controller=user&method=register
-
You can then use ānonceā value to register user.
-
Always use POST method and not GET method to submit data, following url examples of GET method are only for demonstration purposes.
-
Method: info
-
http://localhost/api/user/info/
This returns plugin version.
-
Method: register
-
http://localhost/api/user/register/?username=john&email=john@domain.com&nonce=8bdfeb4e16&display_name=John¬ify=both
To register user & get valid cookie for 100 seconds:
http://localhost/api/user/register/?username=john&email=john@domain.com&display_name=John¬ify=both&seconds=100Optional fields: āuser_passā, āuser_nicenameā, āuser_urlā, ānicknameā, āfirst_nameā, ālast_nameā, ādescriptionā, ārich_editingā, āuser_registeredā, ājabberā, āaimā, āyimā, ācomment_shortcutsā, āadmin_colorā, āuse_sslā, āshow_admin_bar_frontā.
Please make sure you provide valid values that these fields expect in correct format.
To disbale registration email notification to user:
http://localhost/api/user/register/?username=john&email=john@domain.com&nonce=8bdfeb4e16&display_name=John¬ify=no
To register with user provided password:
http://localhost/api/user/register/?username=john&email=john@domain.com&nonce=8bdfeb4e16&display_name=John¬ify=both&user_pass=YOUR-PASSWORD
To add custom fields for user profile, send ācustom_fieldsā named associative array, populated with standard āmeta_keyā as index and āmeta_valueā as its value. For example, you need to add address and phone for any user, populate custom_fields[address] index with address value and custom_fields[phone] with hpone value.
You can add any number of custom fields. These are stored as meta_key and meta_value in user_meta WordPress table. You can access these values in WordPress using get_user_meta() fucntion.
You can also get these values with get_user_meta endpoint, see below this endpoint documentation.
-
Method: fb_connect
-
It needs valid āaccess_tokenā var.
http://localhost/api/user/fb_connect/?access_token=CAACEdEose0cBADLKmcHWOZCnW4RGU8emG
Provide valid access_token with email extended permission. To generate test access_token, try this tool https://developers.facebook.com/tools/explorer/ and select the app from above drop down that you want to get access_token (You must have joined that app already with email permission to generate access_token) for and then select email from the fields. By default, only āidā and ānameā are added but you need to include ’emailā for user identification.
You will have to first allow extended permission for email in the app joining screen. Please note that above tool is only for testing, you generate valid access_token using the Graph API in your app. You should know Facebook Graph API to use this endpoint.
-
It needs ācookieā var.
http://localhost/api/user/validate_auth_cookie/?cookie=admin|43089754375034fjwfn39u8
-
It needs
username
,password
vars.seconds
is optional.First get the nonce: http://localhost/api/get_nonce/?controller=user&method=generate_auth_cookie
Then generate cookie: http://localhost/api/user/generate_auth_cookie/?username=john&password=PASSWORD-HERE
Optional āsecondsā var. It provided, generated cookie will be valid for that many seconds, otherwise default is for 14 days.
generate cookie for 1 minute: http://localhost/api/user/generate_auth_cookie/?username=john&password=PASSWORD-HERE&seconds=60
60 means 1 minute.
-
Method: delete_user_meta
-
It needs ācookieā and āmeta_keyā var and āmeta_valueā to delete.
http://localhost/api/user/delete_user_meta/?cookie=COOKIE-HERE&meta_key=KEY-HERE&meta_value=VALUE-HERE
-
Method: update_user_meta
-
It needs ācookieā and āmeta_keyā var and āmeta_valueā to update. You must include a āmeta_valueā var in your request. If you have multiple values for any meta_key, you must send it as an array meta_value[] in POST method.
http://localhost/api/user/update_user_meta/?cookie=COOKIE-HERE&meta_key=KEY-HERE&meta_value=VALUE-HERE
-
Method: update_user_meta_vars
-
It needs ācookieā and any user meta variables. This endpoint allows you cut http requests if you have to add/update more than one user_meta field at a time.
http://localhost/api/user/update_user_meta_vars/?cookie=COOKIE-HERE&website=user-website.com&city=Chicago&country=USA
In the above endpoint call, website, city, country are meta_key for WordPress user_meta. It is different from BuddyPress xProfile fields.
If you have multiple values for any variable, you must send it as an array i.e. variable_name[] in POST method. For instance, you have skills variable with multiple values, you will send a skills[] array with its values using POST method.
-
Method: get_user_meta
-
It needs āuser_idā. āmeta_keyā var is optional.
http://localhost/api/user/get_user_meta/?cookie=COOKIE-HERE&meta_key=KEY-HERE
-
Method: xprofile
-
It needs āuser_idā and any profile āfieldā var.
http://localhost/api/user/xprofile/?user_id=USERID-HERE&field=FIELD-LABEL-HERE
-
Method: xprofile_update
-
It needs ācookieā and any profile āfieldā var and āvalueā.
http://localhost/api/user/xprofile_update/?cookie=COOKIE-HERE&exact-xprofile-field-label=value
http://localhost/api/user/xprofile_update/?cookie=COOKIE-HERE&field=value&field2=value&multi-value-field=value1,value2,value3
Please make sure you provide ending comma for all those fields which have multiple values. e.g. If āskillsā xProfile field has multiple values, pass them like
http://localhost/api/user/xprofile_update/?cookie=COOKIE-HERE&skills=PHP,MySQL, or &skills=PHP, make sure you always pass ending comma for multi-select fields to be added in array format. -
Method: retrieve_password
-
It needs user_login var.
http://localhost/api/user/retrieve_password/?user_login=john
-
Method: get_avatar
-
It needs user_id var.
http://localhost/api/user/get_avatar/?user_id=1
-
Method: get_userinfo
-
It needs user_id var.
http://localhost/api/user/get_userinfo/?user_id=1
-
Method: post_comment
-
It needs ācookieā, āpost_idā, ācontentā, ācomment_statusā vars.
http://localhost/api/user/post_comment/?cookie=COOKIE-HERE&post_id=ID&content=Comment contents here&comment_status=1
For additional endpoints, pro version JSON API User Plus plugin details check here https://www.parorrey.com/solutions/json-api-user-plus/
Reviews
Contributors & Developers
“JSON API User” is open source software. The following people have contributed to this plugin.
ContributorsTranslate “JSON API User” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
3.9.3
- Fixed a bug for get_userinfo, generate_auth_cookie, get_currentuserinfo endpoints for avatar
3.9.2
- Fixed a bug for validate_auth_cookie endpoint and error message
3.9.1
- Updated for wordpress version 6.1.1
3.9.0
- Updated for wordpress version 6.0.1, bug fix for generate_auth_cookie endpoint
3.8.1
- Updated for wordpress version 5.9
3.8.0
- Updated for wordpress version 5.8
3.7.0
- Updated for wordpress version 5.7.
3.6.0
- Updated for wordpress version.
3.5.0
- Updated update_user_meta endpoint for array variable values.
- Updated update_user_meta_vars endpoint for array variable values.
3.4.0
- Updated for hash cookie in response to register endpoint.
- Added ācustom_fieldsā for user profile register endpoint, ācustom_fieldsā named array with āmeta_keyā and āmeta_valueā will be added in user profile.
3.3.0
- Updated for hash cookie in response to generate_auth_cookie endpoint.
- Updated and included cookie, cookie name, hashed cookie and user_login info in response to registration endpoint.
- ādisplay_nameā variable is not required anymore in āregstrationā endpoint.
3.2.0
- Updated for JSON API Plugin diretory check error and updated action links.
3.1.3
- Fixed action links