3

Trying to use JWT Authentication for WP REST API using WordPressPCL API.

Managed to authenticate and publish both posts and pages to the WordPress server using WordPressPCL. In order to restrict access to only paying members I was planning to use MemberPress. I created a special category for the post and published them as such. The I set up a rule in MemberPress to give access to only to subscribers.

Tested access to the posts and can see the content from my Browser and all is fine with that.

The issue is that when I try to do the same using WordPressPCL although I am properly authorized from the JWT/WordPress perspective I don't have access to the content. It looks like MemberPress blocks an authorized user coming via WordPressPCL but allows access when coming via the web browser.

The same thing happen when I try to post pages as opposed to posts. I should also mention that I can download all posts metadata but not the content of each post which takes me to "You are unauthorized to view this page".

The code below retrieves all posts with a certain title and certain category but myPosts.Content.Rendered == "You are unauthorized to view this page" for all posts.

 try
        {
            WordPressClient client = await GetClient(clientURL,userName,password);
            if (await client.IsValidJWToken())
            {
                var posts = await client.Posts.GetAll();
                var myPosts = posts.Where(p => p.Categories[0] == category && p.Title.Rendered == title);
            }

...

I tried a similar thing without JWT. I can authenticate but cannot retrieve page content:


            CookieContainer cc = new CookieContainer();
            var request = (HttpWebRequest)WebRequest.Create(loginUri);
            request.Proxy = null;
            request.AllowAutoRedirect = false;
            request.CookieContainer = cc;
            request.Method = "post";

            request.ContentType = "application/x-www-form-urlencoded";
            request.ContentLength = requestData.Length;

            using (Stream s = request.GetRequestStream())
                s.Write(requestData, 0, requestData.Length);

            using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            {
                foreach (Cookie c in response.Cookies)
                    Console.WriteLine(c.Name + " = " + c.Value);
            }

            string newloginUri = "http://localhost/myWP/myPostforToday/";
            HttpWebRequest newrequest = (HttpWebRequest)WebRequest.Create(newloginUri);
            newrequest.Proxy = null;
            newrequest.CookieContainer = cc;
            using (HttpWebResponse newresponse = (HttpWebResponse)newrequest.GetResponse())
            using (Stream resSteam = newresponse.GetResponseStream())
            using (StreamReader sr = new StreamReader(resSteam))
                File.WriteAllText(@"retrievedpage.html", sr.ReadToEnd());

I suspect that MemeberPress rules restrict the access but I couldn't find any solution. Some guidance on how to handle this ( with or without MemberPress involvement) would be really appreciated.

Orbiter
  • 39
  • 1
  • 3
  • I am still having the same exact issue but only on the hostmonster hosted WP instance. My local test instance works properly. I can post but the content rendered returns the same error message "You are unauthorized to view this page." – Orbiter Feb 10 '20 at 21:49
  • Did you solve this? I'm having the same issue. – markmoxx Nov 15 '20 at 23:58

1 Answers1

0

Change this

 var posts = await client.Posts.GetAll();

to:

var posts = await client.Posts.GetAll().Result;

If you have Result() I think this will work and next original ;

var client = new WordPressClient("http://wordpress-domain.com/wp-json/");
client.AuthMethod = AuthMethod.JWT;
await client.RequestJWToken("user", "password");
return client;

But you use:

WordPressClient client = await GetClient(clientURL,userName,password);
MaxiGui
  • 6,190
  • 4
  • 16
  • 33
Muh.İbrahim Y.Kaya
  • 1
  • 2