wp_is_application_passwords_available()
云策文档标注
概述
wp_is_application_passwords_available() 函数用于检查 Application Passwords 功能是否全局可用。默认情况下,该功能在 SSL 站点或本地环境中可用,开发者可通过过滤器调整其可用性。
关键要点
- 函数返回布尔值,表示 Application Passwords 是否可用
- 默认可用性基于 SSL 或本地环境,可通过 'wp_is_application_passwords_available' 过滤器自定义
- 内部调用 wp_is_application_passwords_supported() 并应用过滤器
- 自 WordPress 5.6.0 版本引入
代码示例
function wpdocs_rest_permission_callback( $request ) {
if ( wp_is_application_passwords_available() ) {
$auth_header = $request->get_header( 'Authorization' );
if ( empty( $auth_header ) ) {
return new WP_Error( 'rest_forbidden', __( 'Authentication required. Application Password not found' ), array( 'status' => 401 ) );
}
$user_id = get_current_user_id();
$result = wp_validate_application_password( $user_id );
if ( ! $result ) {
return new WP_Error( 'rest_forbidden', __( 'Authentication failed.' ), array( 'status' => 403 ) );
}
} elseif ( ! current_user_can( 'manage_options' ) ) {
return new WP_Error( 'rest_forbidden', __( 'Permission denied.' ), array( 'status' => 403 ) );
}
return true;
}注意事项
- 函数主要用于 REST API 权限回调,确保 Application Passwords 可用性检查
- 相关函数包括 wp_is_application_passwords_supported() 和 wp_is_application_passwords_available_for_user()
- 过滤器 'wp_is_application_passwords_available' 允许开发者动态控制可用性
原文内容
Checks if Application Passwords is globally available.
Description
By default, Application Passwords is available to all sites using SSL or to local environments.
Use the ‘wp_is_application_passwords_available’ filter to adjust its availability.
Source
function wp_is_application_passwords_available() {
/**
* Filters whether Application Passwords is available.
*
* @since 5.6.0
*
* @param bool $available True if available, false otherwise.
*/
return apply_filters( 'wp_is_application_passwords_available', wp_is_application_passwords_supported() );
}
Hooks
- apply_filters( ‘wp_is_application_passwords_available’, bool $available )
-
Filters whether Application Passwords is available.
Changelog
| Version | Description |
|---|---|
| 5.6.0 | Introduced. |
Skip to note 2 content
Jose Lazo
Make a custom permission callback to a custom endpoint.
/** * A callback for checking the permission for the REST API. * * @param WP_REST_Request $request API request * @return true|WP_Error */ function wpdocs_rest_permission_callback( $request ) { if ( wp_is_application_passwords_available() ) { $auth_header = $request->get_header( 'Authorization' ); if ( empty( $auth_header ) ) { return new WP_Error( 'rest_forbidden', __( 'Authentication required. Application Password not found' ), array( 'status' => 401 ) ); } $user_id = get_current_user_id(); // or get the user ID from the request data $result = wp_validate_application_password( $user_id ); if ( ! $result ) { return new WP_Error( 'rest_forbidden', __( 'Authentication failed.' ), array( 'status' => 403 ) ); } } elseif ( ! current_user_can( 'manage_options' ) ) { return new WP_Error( 'rest_forbidden', __( 'Permission denied.' ), array( 'status' => 403 ) ); } return true; }