Don’t be fooled by the name,
But you don’t have to have a build system at all to use
node-wpapi; just download the pre-built script bundle, then use
wp_enqueue_script to pull it in from your plugin. The library will export itself as the global variable
WPAPI, which you can reference in your own scripts.
Out of the box you can use the script to access all public content, but eventually you’re likely to want more. In this guide, we’re going to learn how to use the normal WordPress login system along with a “nonce”, a unique number generated by WordPress, to authenticate your script with the API.
Creating The Plugin
If you don’t have a plugin already, let’s make a quick one together. First, we’ll need to ensure our site is running WordPress 4.7.3 or higher, so that the API endpoints are available. Then in your
wp-content/plugins directory, create the folder
wpapi-demo, then make an empty
wpapi-demo.php file inside that folder.
Next, download and copy over the script files from the wpapi.js download bundle into your plugin directory. At a minimum, you should now have this:
wpapi.min.js(the script you copied over from the download)
- (Probably the rest of the files from the download are here too)
rest-api/(the REST API plugin itself)
The first thing we have to do is to tell our new WordPress plugin where to find the
wpapi.js script (the example code assumes we’re using the minified version, but either will work). To do that, we need to call
wp_register_script within our plugin;
wp_register_script is meant to be called within the
wp_enqueue_scripts action, as shown below
The library on its own doesn’t do much for us unless we write a script that uses it, so let’s add a
wpapi-demo.js script to our plugin folder as well. (You can leave it empty for now.) We’ll tell our WordPress plugin where to find that one, too, by adding this code:
The final piece of the puzzle is to use wp_localize_script to inject a nonce into our code; this unique number will let our script authenticate itself with WordPress whenever you are logged in to your site as normal.
WP_API_Settings to stand in for the values that WordPress will inject.
In that empty
wpapi-demo.js script, add this code:
And in our PHP plugin file, we’ll instruct WordPress how to populate that
With all the preparations complete, you can add the line
to the bottom of the
wp_enqueue_script action in your PHP code.
If you now activate our demo plugin and log in to the WordPress site, you should see “I am [your name or username]” printed out to the console: you are officially authenticated with the WordPress REST API!