Can't authenticate with basic authentication u

2019-02-18 12:03发布

I'm having an issue with basic authentication.

Trying to send a GET request with Postman (chrome plugin) using the following url: http://_MY_WEBSITE_URL_/wp-json/wp/v2/users/3

The username and the password field is filled with the site's admin user credentials.

The error I get:

{
    "code": "rest_user_cannot_view",
    "message": "Sorry, you cannot view this resource.",
    "data": {
        "status": 401
    }
}

I tried the basic authentication using wp_remote_request from another website, and with CURL too, but the results are the same every time.

The user with id 3 exists, I have checked it. If I want to list all of the users, I get only those who have posts created.

I have activated the required plugins: WP REST API, JSON Basic Authentication.

My wordpress version: 4.4.2

2条回答
聊天终结者
2楼-- · 2019-02-18 12:42

Finally, I figured out the solution. I had to add some new options manually to my .htaccess file, the plugin didn't make it.

The code:

# BEGIN WP BASIC Auth
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /PluginTest/
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
</IfModule>
# END WP BASIC Auth
查看更多
聊天终结者
3楼-- · 2019-02-18 12:43

I think issue is not for getting user data from server but this error code is for your authentication problem have this user capability or Role might not be administrator

for detail view

wp-content/plugins/rest-api/lib/endpoints/class-wp-rest-users-controller.php

public function get_item_permissions_check( $request ) {

    $id = (int) $request['id'];
    $user = get_userdata( $id );
    $types = get_post_types( array( 'public' => true ), 'names' );

    if ( empty( $id ) || empty( $user->ID ) ) {
        return new WP_Error( 'rest_user_invalid_id', __( 'Invalid resource id.' ), array( 'status' => 404 ) );
    }

    if ( get_current_user_id() === $id ) {
        return true;
    }

    if ( 'edit' === $request['context'] && ! current_user_can( 'list_users' ) ) {
        return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you cannot view this resource with edit context.' ), array( 'status' => rest_authorization_required_code() ) );
    } else if ( ! count_user_posts( $id, $types ) && ! current_user_can( 'edit_user', $id ) && ! current_user_can( 'list_users' ) ) {
        return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you cannot view this resource.' ), array( 'status' => rest_authorization_required_code() ) );
    }

    return true;
}
查看更多
登录 后发表回答